agent-audit

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, hidden code, or unauthorized network behaviors were identified. The skill's structure and instructions are consistent with its stated purpose of performance optimization.
  • [COMMAND_EXECUTION]: The skill uses 'bash' (limited to grep, find, wc, and python) and 'file' tools (read/write). These capabilities are necessary for instrumenting and analyzing an existing agent's codebase and logs.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it reads and processes external agent configurations and prompts.
    • Ingestion points: Reading audited agent files and logs using the 'file: read' tool.
    • Boundary markers: Absent; there are no explicit instructions to the agent on how to handle untrusted instructions found in the audited files.
    • Capability inventory: The skill has 'bash', 'python', and 'file: write' tools, which could be leveraged if the agent inadvertently obeys instructions found in audited data.
    • Sanitization: No sanitization of ingested agent configuration or prompt data is described.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:33 AM