performance-monitor

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python utility script (ledger.py) within the skill's root directory to record and compare SEO metrics. This is a core functional requirement for the skill's measurement loop.
  • [PROMPT_INJECTION]: The skill processes untrusted user data, such as domain names and metrics, which are then interpolated into shell commands. This creates a surface for potential indirect injection.
  • Ingestion points: User-provided <domain>, date ranges, and metric names in SKILL.md.
  • Boundary markers: No explicit delimiters or boundary markers are defined for the shell command interpolation.
  • Capability inventory: The skill utilizes subprocess execution via python3 to run internal telemetry scripts.
  • Sanitization: The instructions do not specify any explicit validation or sanitization for the user-supplied arguments used in the shell commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — performance-monitor