vm-trace-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted JSON trace files.
  - Ingestion points: User-provided trace JSON is read in SKILL.md and processed via scripts/parse_trace.py.
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore potential instructions embedded in trace message fields.
  - Capability inventory: The skill utilizes subprocess calls to execute local analysis scripts.
  - Sanitization: No sanitization is performed on the trace data before the agent interprets it for report generation.
- [EXTERNAL_DOWNLOADS]: The skill fetches official VictoriaMetrics changelogs from GitHub.
  - The scripts/check_changelog.py script downloads markdown files from the official VictoriaMetrics repository on github.com. This aligns with the skill's purpose and uses a well-known, trusted service.
- [COMMAND_EXECUTION]: The skill executes local Python scripts to analyze data.
  - SKILL.md contains instructions to run scripts/parse_trace.py and scripts/check_changelog.py to extract performance metrics and version information.