response-time-analyzer
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill possesses a high risk of indirect prompt injection as it is designed to analyze performance monitoring data and logs while having access to high-privilege tools.
- Ingestion points: Performance logs, monitoring data, and user-provided configuration files mentioned in the capabilities section (SKILL.md).
- Boundary markers: None identified. There are no instructions to the agent to distinguish between data and commands within the analyzed content.
- Capability inventory: The skill is granted
Bash,Write, andEdittool permissions, which can be leveraged to execute arbitrary code or modify system files. - Sanitization: No sanitization or validation logic is defined to protect against malicious instructions embedded in performance reports.
- [Command Execution] (MEDIUM): Explicit request for
BashandWritetools increases the potential impact of an exploit. While relevant to performance testing (e.g., running k6 or jmeter), these tools are not restricted to safe subsets of commands.
Recommendations
- AI detected serious security threats
Audit Metadata