performance-testing

Warn

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The SKILL.md file contains instructions for the agent to update a local run-history.json file by executing a shell command via node -e. This involves dynamic execution of JavaScript and direct file system modification.
  • [COMMAND_EXECUTION]: The history update instruction interpolates variables such as P95, RPS, and ERR into a shell command string. This creates a surface for indirect command injection if data from untrusted tool outputs is processed without sanitization.
  • [EXTERNAL_DOWNLOADS]: The skill references the grafana/k6-action GitHub action in its documentation, which is an external dependency from a well-known service provider.
Audit Metadata
  Risk Level: MEDIUM
  Analyzed: Apr 19, 2026, 08:03 AM