performance-profiling
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): This skill exhibits a significant surface for indirect prompt injection. It is designed to read and interpret content from external, untrusted sources such as simulation logs. Ingestion points: The skill reads
simulation.log,scaling_data.json, andparams.json. Boundary markers: There are no delimited boundaries or instructions to ignore embedded commands within the ingested data. Capability inventory: The agent is grantedBash(shell access) andWrite(file modification) tools. Sanitization: No evidence of data sanitization or validation of the external content is present. - [COMMAND_EXECUTION] (MEDIUM): The skill frequently uses the
Bashtool to execute Python scripts using arguments that can be influenced by user input, such as log paths and timing patterns. This poses a risk of command injection if the underlying scripts or the tool caller do not properly sanitize these parameters.
Recommendations
- AI detected serious security threats
Audit Metadata