performance
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its core workflow of processing external source code.
  - Ingestion points: The agent utilizes Read, Glob, and Grep to ingest and analyze source code files (e.g., .tsx and .ts files) throughout the project as seen in SKILL.md.
  - Boundary markers: The instructions do not include specific delimiters or warnings to the agent to ignore potentially malicious instructions embedded within the analyzed source code comments or strings.
  - Capability inventory: The agent is granted Shell and Write tools, enabling it to execute commands (e.g., pnpm build) and modify the codebase based on its analysis of the ingested files.
  - Sanitization: No explicit sanitization or validation steps are performed on the content extracted from the source files before it influences the agent's actions.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install @tanstack/react-virtual and rollup-plugin-visualizer from the NPM registry. These are well-known, high-reputation packages used for virtualization and bundle diagnostics.
- [COMMAND_EXECUTION]: The skill uses shell commands to perform production builds and preview the application (pnpm run build, pnpm run preview). This behavior is consistent with the skill's primary objective of measuring performance improvements.
Audit Metadata