performance-profiler
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local Python scripts (`complexity-estimator.py`, `profile-parser.py`, and `benchmark-designer.py`) via the `uv` tool. These scripts are used for static analysis, parsing profiler output, and generating benchmark templates as part of the skill's core functionality.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external content.
  - Ingestion points: Untrusted data is ingested when reading source code in `complexity-estimator.py` (Mode 1), parsing profiler logs in `profile-parser.py` (Mode 2), and analyzing git diffs (Mode 5).
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions embedded within the analyzed code or logs.
  - Capability inventory: The skill possesses file-reading capabilities and the ability to execute its own bundled scripts, which could be leveraged if an injection attack successfully influences the agent's logic.
  - Sanitization: While the `dashboard.html` template performs basic HTML escaping for its UI report, there is no validation or sanitization performed on the input data before it is presented to the LLM for performance analysis.
Audit Metadata