locust-test-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to ingest and process external performance testing targets and patterns without security boundaries. Evidence:
  1. Ingestion points: Processes user-provided targets and performance testing requirements for test generation.
  2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands are present.
  3. Capability inventory: Granted 'Bash', 'Write', 'Edit', and 'Read' permissions in metadata.
  4. Sanitization: Absent; no validation or escaping of external content before tool use.
- Command Execution (HIGH): Metadata explicitly enables the 'Bash' tool. In the absence of constraints or safety instructions, this grants the agent unrestricted shell access, which can be abused via indirect prompt injection to execute arbitrary malicious code on the host system.
Recommendations
- AI detected serious security threats