Skills
skills/lynx-community/skills/lynx-trace-analysis/Gen Agent Trust Hub

lynx-trace-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on executing a bundled Node.js script (scripts/trace_query.bundle.cjs) to perform trace querying and recording operations. This is the primary mechanism for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: The tool includes functionality to fetch trace files from remote URLs via the --path argument, which is a standard requirement for analyzing performance data hosted in remote environments.
  • [DATA_EXFILTRATION]: The skill contains commands like readData with an -o (output) option and the ability to read from local file paths. While these are necessary for trace management, they represent a capability to access and write data to the local file system.
  • [PROMPT_INJECTION]: The skill processes external, potentially untrusted trace data. This creates a surface for indirect prompt injection if event metadata or arguments within a trace file contain malicious instructions designed to influence the agent's behavior during analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 09:47 PM