skills/jeremylongshore/claude-code-plugins-plus-skills/validating-performance-budgets/Gen Agent Trust Hub
validating-performance-budgets
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests data from external JSON files which creates an indirect prompt injection surface.
  - Ingestion points: Performance metrics and budgets are loaded from `metrics.json` and `budget.json` in `scripts/validate_budget.py` and `scripts/create_budget.py`.
  - Boundary markers: No delimiters are used to separate untrusted metrics data from the agent's instructions.
  - Capability inventory: The agent can execute shell commands, write files, and perform network requests.
  - Sanitization: No input validation or sanitization is performed on the ingested metric strings.
- [DATA_EXFILTRATION]: The skill can send performance reports to any URL provided by the user, representing a potential exfiltration vector for project metrics.
  - Evidence: The `ViolationReporter.send_slack` method in `scripts/report_violation.py` uses `urllib.request` to POST JSON data to an unvalidated URL argument.
Audit Metadata