web-vitals-monitor
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (HIGH): The skill creates a high-risk surface for indirect prompt injection by monitoring external web content (web vitals) while possessing high-privilege capabilities.
  1. Ingestion points: Monitoring tasks necessitate reading untrusted external website data.
  2. Boundary markers: No delimiters or instructions to ignore embedded commands are present.
  3. Capability inventory: Requests 'Bash', 'Write', and 'Edit' tools in SKILL.md.
  4. Sanitization: No validation mechanisms are defined to handle potentially malicious instructions from external sources.
- COMMAND_EXECUTION (MEDIUM): The skill requests broad 'Bash' tool access without providing any specific internal logic, scripts, or safety constraints on how those commands should be used.
- NO_CODE (LOW): The skill consists entirely of metadata and descriptive text without any executable scripts or complex instructions, acting only as a permission-granting trigger.
Recommendations
- AI detected serious security threats
Audit Metadata