cache-optimizer
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill analyzes external content (React components) and possesses high-privilege capabilities (Write, Edit), creating a significant attack surface.
  - Ingestion points: Processes untrusted local code through the Read, Grep, and Glob tools as defined in the skill's trigger conditions.
  - Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore embedded instructions within the data being analyzed.
  - Capability inventory: The skill is granted Write and Edit permissions, which could be exploited to perform unauthorized file system modifications if the agent follows malicious instructions hidden in code comments or strings.
  - Sanitization: No sanitization or validation logic is defined to mitigate the risk of processing malicious inputs.
Recommendations
- AI detected serious security threats