performance-profiling
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns detected. The skill contains instructional content related to web performance optimization and references a local script for Lighthouse audits.\n- Indirect Prompt Injection (SAFE): The skill identifies a data ingestion surface via external URLs passed to the profiling script. While this is an ingestion point for untrusted data, the tool's purpose is performance measurement rather than natural language processing of the site content, presenting no immediate risk.\n
- Ingestion points: URL argument for scripts/lighthouse_audit.py in SKILL.md.\n
- Boundary markers: None specified in the markdown documentation.\n
- Capability inventory: Local execution of the Lighthouse audit script.\n
- Sanitization: The script is expected to handle the URL as a target for metric gathering.
Audit Metadata