performance-monitor
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python utility script (
ledger.py) within the skill's root directory to record and compare SEO metrics. This is a core functional requirement for the skill's measurement loop. - [PROMPT_INJECTION]: The skill processes untrusted user data, such as domain names and metrics, which are then interpolated into shell commands. This creates a surface for potential indirect injection.
- Ingestion points: User-provided
<domain>, date ranges, and metric names inSKILL.md. - Boundary markers: No explicit delimiters or boundary markers are defined for the shell command interpolation.
- Capability inventory: The skill utilizes subprocess execution via
python3to run internal telemetry scripts. - Sanitization: The instructions do not specify any explicit validation or sanitization for the user-supplied arguments used in the shell commands.
Audit Metadata