Skills
skills/jgamaraalv/ts-dev-kit/core-web-vitals/Gen Agent Trust Hub

core-web-vitals

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface within its report generation logic.
  • Ingestion points: The visualize.py script ingests data from user-provided Lighthouse JSON files via the --lighthouse argument or from a user-supplied URL string via the --url argument.
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed JSON or URL data.
  • Capability inventory: The skill possesses the capability to execute python3 scripts that write to the local file system and interact with the system's default web browser using webbrowser.open().
  • Sanitization: The script fails to sanitize the url field (and others) before interpolating them into the HTML report template (f'<p class="url">{url}</p>'). This allows for potential XSS or injection if the source data is controlled by an attacker.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute a local Python script (visualize.py). This script performs automated local actions, specifically using the webbrowser library to open generated files in the host system's web browser, which is an external side effect.
  • [EXTERNAL_DOWNLOADS]: The documentation and reference files (e.g., tools.md) recommend installing several well-known and trusted technology packages from the npm registry, including web-vitals, lighthouse, and @lhci/cli, to facilitate performance auditing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 06:11 PM