Skills
skills/notque/claude-code-toolkit/perses-dashboard-review/Gen Agent Trust Hub

perses-dashboard-review

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes external dashboard definitions.
  • Ingestion points: Dashboard JSON is retrieved in Phase 1 (FETCH) using MCP tools or the percli command-line utility.
  • Boundary markers: The instructions do not define specific delimiters or warnings to ignore instructions embedded within the dashboard metadata (e.g., in panel descriptions or titles).
  • Capability inventory: The skill is granted access to powerful tools including Bash, Write, Edit, and Agent (sub-agent invocation).
  • Sanitization: There is no mention of sanitizing or escaping dashboard content before it is passed to the LLM for analysis.
  • [COMMAND_EXECUTION]: The skill is configured to use the Bash tool to interact with the percli CLI for fetching and applying dashboard configurations. This is an intended behavior for its primary purpose as a dashboard engineer tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:27 PM
Security Audit — agent-trust-hub — perses-dashboard-review