performance-audit
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external, potentially untrusted web pages.
- Ingestion points: Uses
browser-devtools-clito navigate to external URLs and retrieve performance data, HTTP requests, and console messages (SKILL.md). - Boundary markers: No specific boundary markers or instructions to ignore embedded commands within the analyzed content are provided.
- Capability inventory: Features capabilities for browser navigation, console message retrieval, screenshot capture, and Node.js process debugging via
node-devtools-cli. - Sanitization: There is no evidence of sanitization or filtering of the content retrieved from external sites before it is processed by the agent.
- [COMMAND_EXECUTION]: The skill uses specialized CLI tools to perform system-level performance monitoring and debugging.
- Evidence: Employs
node-devtools-clito attach to Node.js processes using a Process ID (--pid) and to set tracepoints at specific source code locations (SKILL.md). These capabilities are characteristic of debugging tools and are consistent with the skill's primary objective of backend performance auditing.
Audit Metadata