supabase-load-scale

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PRIVILEGE_ESCALATION]: The file references/load-testing-with-k6.md contains the command sudo apt install k6, which requests administrative privileges on the host system to install dependencies.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes performance metrics and logs from external tools (k6, Prometheus), making it susceptible to indirect prompt injection.
      • Ingestion points: System metrics and k6 test outputs in SKILL.md and references/capacity-planning.md.
      • Boundary markers: None provided in the instructions or scripts.
      • Capability inventory: The skill has access to Bash, Write, Edit, and Read tools according to SKILL.md.
      • Sanitization: No sanitization or validation logic is applied to the metrics data before it is used by the agent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 12:31 AM