performance-optimization

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to analyze external data which could contain malicious instructions.
      • Ingestion points: User-provided source code, database queries, and system logs (SKILL.md).
      • Boundary markers: Absent. The instructions lack clear delimiters or warnings to ignore commands within the analyzed data.
      • Capability inventory: The skill utilizes bash and git, providing a vector for code execution or filesystem manipulation if the agent is compromised by malicious input.
      • Sanitization: Absent. No filtering or validation of input data is specified.
  • Command Execution (MEDIUM): The skill explicitly permits the use of bash and git. While necessary for performance profiling, these tools provide the capability to interact with the host system, increasing the severity of any successful prompt injection.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:31 PM