animate-performance
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted input and possesses the capability to modify the local filesystem.
  - Ingestion points: JavaScript files located within the 'js/' directory.
  - Boundary markers: No markers or 'ignore' instructions are defined to separate code from potential malicious prompts.
  - Capability inventory: Write access to the local filesystem via the 'auto-apply fixes' functionality.
  - Sanitization: No sanitization or verification of the scanned content is mentioned.

  An attacker could embed adversarial instructions in comments to compromise the agent's logic during the remediation phase.
- [Command Execution] (MEDIUM): The skill grants the 'performance-analyzer' agent the power to automatically overwrite project files based on its interpretation of untrusted data, which bypasses safe code-review practices.
Recommendations
- AI detected serious security threats