benchmark
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It instructs the agent to navigate to external URLs and benchmark API endpoints, which could host malicious instructions designed to influence agent behavior.\n
- Ingestion points: External URLs (Mode 1) and API responses (Mode 2) as specified in SKILL.md.\n
- Boundary markers: Absent; there are no instructions provided to the agent to delimit or treat the external content as untrusted data.\n
- Capability inventory: The agent is tasked with browser automation, network interactions, and writing benchmark results to the local
.ecc/benchmarks/directory.\n - Sanitization: No filtering or validation of the retrieved external data is described.\n- [COMMAND_EXECUTION]: The skill involves the execution of build-related commands (e.g., Docker, TypeScript, and linting) to measure performance. These operations are core to the skill's stated purpose and do not appear to involve arbitrary or malicious command injection.
Audit Metadata