setup-llm-optimization

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Vulnerability Surface.
      • Ingestion points: scripts/llm-test-flags.sh ingests tool command inputs; scripts/llm-truncate.sh ingests tool output results.
      • Boundary markers: Absent. There are no explicit delimiters or warnings to the agent that the processed content might contain instructions that should be ignored.
      • Capability inventory: The skill can rewrite Bash commands and suppress/modify tool output seen by the agent.
      • Sanitization: The scripts use jq to properly encode JSON outputs, which prevents structural injection, but they do not filter the content of the commands or results for natural language instructions.
  • [SAFE]: Metadata Inconsistency. SKILL.md and REFERENCE.md state that NODE_OPTIONS is configured to increase heap size, but the corresponding scripts/llm-env.sh does not implement this. Additionally, REFERENCE.md incorrectly refers to the environment script as session-env.sh. These are categorized as minor non-malicious documentation errors.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 11:31 PM