performance-optimization
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is purely instructional and documentation-based, providing a diagnostic framework rather than executing arbitrary external code. It leverages trusted external resources from established organizations such as Google, PostgreSQL, Unity, and Epic Games for technical guidance.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because its primary function is to ingest and analyze external artifacts like browser traces, logs, and query plans. While these artifacts could theoretically contain malicious instructions designed to influence the agent, the skill does not include any logic to execute untrusted input, and this risk is inherent to diagnostic tools. Ingestion points: Performance artifacts like traces, reports, and query plans identified in SKILL.md and references/intake-packets-and-escalations.md. Boundary markers: No explicit markers defined to delimit untrusted artifact data. Capability inventory: Read, Grep, Glob, Bash, Write. Sanitization: No explicit sanitization or validation of input artifact content.
Audit Metadata