skills/jeremylongshore/claude-code-plugins-plus-skills/analyzing-system-throughput/Gen Agent Trust Hub
analyzing-system-throughput
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it is designed to ingest and process data from external, potentially untrusted file systems while having access to system tools.
- Ingestion points: Both 'scripts/analyze_throughput.py' and 'scripts/identify_bottlenecks.sh' (which is a Python script) accept user-provided paths to analyze files and directories.
- Boundary markers: The scripts lack explicit delimiters or instructions to the agent to ignore embedded instructions in the files being analyzed.
- Capability inventory: The skill configuration grants access to 'Bash' (performance and monitoring scopes), 'Read', 'Write', and 'Grep' tools.
- Sanitization: No sanitization or content validation is performed on the files being processed beyond basic format checks.
Audit Metadata