java-performance

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Indirect Prompt Injection vulnerability. The skill provides templates for executing sensitive diagnostic tools via the Bash tool.
      • Ingestion points: The agent ingests external/untrusted data in the form of process IDs (PIDs), file paths, or application names from the environment or user input to populate commands in SKILL.md (e.g., jmap -dump:...,file=heap.hprof <pid>).
      • Boundary markers: None. There are no delimiters or instructions to treat user-provided PIDs or paths as untrusted data.
      • Capability inventory: The skill allows Bash, Write, and Read tools, enabling arbitrary command execution and file system modification.
      • Sanitization: No sanitization or validation logic is present to prevent command injection via manipulated PIDs or file paths.
  • [COMMAND_EXECUTION] (MEDIUM): The skill documentation encourages the execution of tools like jstack, jmap, and jcmd. While standard for performance tuning, these tools provide access to sensitive thread states and full heap dumps, which may contain credentials, PII, or other sensitive runtime data.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 09:10 PM