Optimize
Warn
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary shell commands through the
--measureand--extractarguments. These commands are run locally to evaluate metrics such as performance, latency, or bundle size during the optimization loop. - [EXTERNAL_DOWNLOADS]: Examples provided in the documentation use common package managers and runtimes, including
npx,bun, anduv, to fetch and execute software from well-known public registries. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the ingestion of external target files.
- Ingestion points: The skill reads content from files or directories specified in the
--targetargument (e.g., skills, prompts, and agent definitions) to analyze their purpose. - Boundary markers: There are no documented delimiters or instructions to ignore malicious content embedded within the target files.
- Capability inventory: The skill possesses high-privilege capabilities, including executing shell commands, reading arbitrary local files, and modifying files on the filesystem.
- Sanitization: The skill does not implement validation for the shell commands or sanitization of the content read from target files before processing.
Audit Metadata