perf-profiler
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill logic processes untrusted user input via the $ARGUMENTS variable to determine which tools and commands to execute, creating a potential surface for indirect prompt injection.
  - Ingestion points: Parsing logic in SKILL.md splits $ARGUMENTS into tool and command variables.
  - Boundary markers: Absent. No delimiters or specific instructions are provided to help the agent distinguish between its own instructions and user-provided data.
  - Capability inventory: The skill is designed to run CPU/memory profiling, generate flame graphs, and capture system-level performance evidence.
  - Sanitization: None. No validation, escaping, or filtering of the input arguments is performed in the skill file.
- [COMMAND_EXECUTION]: The skill architecture is designed to execute commands and tools based on user-provided arguments. Without a strictly enforced whitelist of allowed tools or flags, this design could be exploited to run unauthorized system commands through the agent's execution capabilities.
Audit Metadata