perf
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various system commands and developer tools to locate benchmarks, perform profiling, and run comparison analysis. This includes standard utilities like
grepandfind, as well as language-specific runtimes and tools such asgo test,python,node,cargo, andhyperfine. - [EXTERNAL_DOWNLOADS]: The instructions reference several third-party profiling and benchmarking utilities (e.g.,
py-spy,clinic.js,0x,hyperfine). While it does not automatically download or install them, it suggests their use and provides command-line examples for their execution. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data (source code and benchmark outputs) and possesses the capability to execute commands based on its analysis.
- Ingestion points: Local source code files (scanned in
SKILL.mdviagrepandfind) and raw benchmark output files (read for metric extraction and comparison). - Boundary markers: The skill does not define explicit boundary markers or provide instructions to the agent to ignore potentially malicious content embedded within the files it analyzes.
- Capability inventory: The skill utilizes shell command execution across various language environments (Go, Python, Node, Rust) and system-level profiling tools (found in
SKILL.mdandscripts/validate.sh). - Sanitization: There is no evidence of sanitization, validation, or escaping of the content retrieved from the analyzed files before it is processed or included in the final performance reports.
Audit Metadata