performance-optimization

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: REMOTE_CODE_EXECUTION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is susceptible to indirect prompt injection due to its core function and toolset.
      • Ingestion points: The skill reads external database queries, API source code, and frontend files using Read, Grep, and Glob tools.
      • Boundary markers: None. There are no instructions to delimit or ignore instructions within the analyzed code files.
      • Capability inventory: The skill allows Bash, Write, Edit, and Task tools, which enable arbitrary command execution and file system modification.
      • Sanitization: None detected. The agent processes code directly to suggest or apply optimizations.
  • Unverifiable Dependencies & Remote Code Execution (MEDIUM): The workflow suggests using npx webpack-bundle-analyzer, which involves downloading and executing code from the npm registry at runtime.
      • Evidence: The measurement step includes npx webpack-bundle-analyzer stats.json.
  • Data Exposure & Exfiltration (LOW): The skill utilizes curl for benchmarking API endpoints. While used here for performance measurement (curl -w "@curl-format.txt"), network tools can be repurposed for exfiltration if the agent is compromised via prompt injection.
      • Evidence: curl -w "@curl-format.txt" -o /dev/null -s "http://api/endpoint".
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:07 PM