performance-profiling
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill requests
rootscope and theBashtool to executescripts/lighthouse_audit.py. Granting root privileges for web performance profiling exceeds standard security practices and increases the impact of any script vulnerabilities. - [PROMPT_INJECTION] (MEDIUM): High-risk indirect injection surface through the processing of external URLs. 1. Ingestion point: The
scripts/lighthouse_audit.pyscript takes a user-supplied or external URL as a parameter. 2. Boundary markers: No markers or instructions to ignore embedded instructions in the fetched data are present. 3. Capability: The agent has access toBashandrootscope while processing this external data. 4. Sanitization: There is no evidence of URL validation or output sanitization in the documentation.
Audit Metadata