performance-profiling

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill configuration allows the Bash tool and provides instructions to run scripts/lighthouse_audit.py. As the file is not included in the skill package, its actions (such as filesystem or network activity) are hidden and unverifiable.
  • [Indirect Prompt Injection] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes external URLs for performance auditing.
      1. Ingestion point: External URL parameter for the audit script.
      2. Boundary markers: None provided.
      3. Capability inventory: Bash, Read, Glob, Grep tools.
      4. Sanitization: None observed.
    If an attacker-controlled website provides malicious input through its content that is then parsed by the agent, it could lead to unauthorized actions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 12:34 AM