go-performance
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill defines parameters `profile_type` and `duration` which are used to construct shell commands for Go profiling.
  - Ingestion points: Parameters `profile_type` and `duration` defined in `SKILL.md`.
  - Boundary markers: Absent. There are no delimiters or specific instructions to treat these values as untrusted data or to separate them from the command structure.
  - Capability inventory: The skill documentation provides command templates for `go tool pprof` and `curl -o` which involve shell execution and file writing.
  - Sanitization: Absent. The skill does not provide instructions to the agent to validate or escape these parameters, creating a vulnerability where an attacker could provide values like `cpu; rm -rf /` to execute arbitrary commands.
- Command Execution (MEDIUM): The skill's primary function is to guide the agent in executing various shell commands (`go tool`, `go test`, `curl`). While standard for a profiling tool, these capabilities serve as a high-impact primitive for exploitation if the agent's logic is subverted through the identified injection surface.
Recommendations
- AI detected serious security threats