performance-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to analyze untrusted data, which is a vector for indirect prompt injection attacks. * Ingestion points: User-provided code, database query logs, and performance profiler output (SKILL.md). * Boundary markers: Absent; the instructions do not define delimiters or provide warnings for the agent to ignore instructions embedded in analyzed data. * Capability inventory: Limited to analysis and recommendation display; no file-system write operations or network-enabled tools are defined within this skill. * Sanitization: None; the skill does not specify any validation or filtering of user-supplied code or data.
Audit Metadata