performance-check

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute standard git commands (git status, git commit). These operations are used for repository maintenance before and after analysis and are gated by user confirmation via AskUserQuestion.
  • [DATA_EXFILTRATION]: No network activity or unauthorized data access was detected. The skill reads local project files and writes its findings to a report within the local .agents/research/ directory.
  • [PROMPT_INJECTION]: The skill scans external source code, creating a potential surface for indirect prompt injection. However, it contains no instructions to bypass the agent's core safety filters or manipulate its system prompt.
      • Ingestion points: Source code files are processed through Grep and Read operations in Step 2 and Step 3.
      • Boundary markers: None implemented for input data.
      • Capability inventory: Includes Bash, Write, and AskUserQuestion tools.
      • Sanitization: Content from scanned files is analyzed directly without prior filtering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 07:58 PM