rspack-tracing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill analyzes untrusted trace files which could contain malicious instructions embedded in metadata fields like span names.
  - Ingestion points: scripts/analyze_trace.js (reads user-provided trace.json files).
  - Boundary markers: Absent; the analysis output lacks delimiters or warnings to ignore embedded instructions.
  - Capability inventory: The agent is instructed to read local configuration files and source code based on the analysis results, creating an exploitation path.
  - Sanitization: Absent; the analysis script directly prints the contents of JSON fields like span.name and fields.resource.
- Command Execution (SAFE): The workflow involves running standard build and diagnostic commands such as pnpm build, node, and tail. These are appropriate for the primary purpose of the skill and do not involve unsanitized user input in command arguments.
Audit Metadata