bolt
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it is designed to ingest and analyze untrusted project source code.
  - Ingestion points: Local source code files, database query results, and profiling metrics are read into the agent's context during the PROFILE phase.
  - Boundary markers: The instructions do not specify delimiters or 'ignore' instructions to wrap untrusted content.
  - Capability inventory: The agent can execute shell commands (npx, node), modify files, and perform database operations.
  - Sanitization: No explicit sanitization or pre-processing of the analyzed code is defined.
- [COMMAND_EXECUTION]: The skill utilizes well-known profiling and benchmarking tools, including clinic.js, autocannon, and 0x, which are executed via the command line to generate performance metrics.
- [EXTERNAL_DOWNLOADS]: The skill recommends and references reputable open-source packages and tools from the NPM registry and official documentation sites for performance analysis.
Audit Metadata