perf-ops
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to detect installed performance utilities and gather system baseline metrics like CPU, memory, and disk I/O usage. These operations are limited to standard system monitoring commands (e.g., top, free, iostat).
- [EXTERNAL_DOWNLOADS]: The reference documentation provides installation instructions for well-known and trusted performance tools, including k6, clinic.js, and py-spy. The k6 installation process involves adding an official GPG key and repository from a well-known service provider (Grafana).
- [REMOTE_CODE_EXECUTION]: While the skill orchestrates the execution of profiling tools, it does not involve running arbitrary remote scripts from untrusted sources. All profiling and benchmarking operations are performed using established, locally-installed tools or well-known packages from official registries.
- [DATA_EXFILTRATION]: The skill reads profiling artifacts (e.g., .prof, .svg, .bin files) to interpret performance bottlenecks. No evidence of unauthorized data exfiltration or credential harvesting was detected.
- [PROMPT_INJECTION]: The skill implements a multi-agent orchestration pattern with structured templates. It does not contain instructions aimed at bypassing AI safety guardrails or overriding system prompts.
Audit Metadata