Skills
skills/orcaqubits/agentic-commerce-skills-plugins/woo-performance/Gen Agent Trust Hub

woo-performance

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface.
  • Ingestion points: The skill uses WebSearch and WebFetch tools to retrieve live documentation and optimization details from external websites (SKILL.md).
  • Boundary markers: Absent. There are no instructions to the agent to treat external content as untrusted or to ignore instructions embedded within the fetched data.
  • Capability inventory: The skill is authorized to use Bash, Write, and Edit tools (SKILL.md), which provides a capability path that could be exploited if malicious instructions are ingested.
  • Sanitization: Absent. The instructions do not define validation or sanitization steps for the data retrieved from the web.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 06:10 AM