skills/pluginagentmarketplace/custom-plugin-flutter/custom-plugin-flutter-skill-performance/Gen Agent Trust Hub
custom-plugin-flutter-skill-performance
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- Metadata Poisoning (MEDIUM): The skill's description claims '1600+ lines of performance optimization mastery', but the provided files contain fewer than 200 lines. This is a deceptive practice used to misrepresent the skill's complexity.
- External Downloads & Remote Code Execution (HIGH): Automated security scans identified a malicious blacklisted URL within the
proguard-rules.profile. TheSKILL.mdfile explicitly instructs users to include this file in their release build configuration (minifyEnabled true). Malicious ProGuard rules can be used to fetch remote resources or execute logic during the build process, potentially compromising the integrity of the final application binary.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata