perf-theory-gatherer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the ability to execute system commands such as
gitandgrepto gather performance data and history from the repository. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
- Ingestion points: Processes untrusted data from git history, repository maps, and file content retrieved via
grepor direct file access. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the analyzed repository data are defined.
- Capability inventory: Relies on
gitandgreptools which interact with the local filesystem and repository metadata. - Sanitization: There is no evidence of content sanitization or validation for the data retrieved from the repository before it is interpreted by the agent.
Audit Metadata