ln-650-persistence-performance-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill logic is consistent with its stated purpose as a performance and persistence auditor.
- [COMMAND_EXECUTION]: The skill uses the Bash tool for directory management (mkdir) and Grep for scanning migration files. These operations are restricted to the project environment and do not process untrusted shell input.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). 1. Ingestion points: Reads local project files (tech_stack.md, manifests) and fetches documentation via WebSearch. 2. Boundary markers: No explicit delimiters are used to separate ingested data in context stores. 3. Capability inventory: Limited to Bash (mkdir), Grep, and Task delegation to trusted sibling skills. 4. Sanitization: No explicit sanitization of ingested content. Despite the surface, the restricted capability set mitigates overall risk.
Audit Metadata