Skills
skills/ajshedivy/ibmi-agent-skills/performance/Gen Agent Trust Hub

performance

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the ibmi CLI tool to execute SQL queries on the target IBM i system. All predefined tools are restricted to read-only operations.
  • [DATA_EXFILTRATION]: The skill retrieves system-level performance, disk, and memory metrics from QSYS2 tables. This data access is aligned with the skill's primary purpose of performance monitoring.
  • [PROMPT_INJECTION]: The skill ingests data from system tables (e.g., job names, storage bucket names), which constitutes a potential surface for indirect prompt injection.
  • Ingestion points: Results from SQL queries executed in tools/performance.yaml enter the agent context.
  • Boundary markers: None specified in the instructions.
  • Capability inventory: Access to the ibmi CLI for system interaction.
  • Sanitization: The get_temp_storage_by_job tool utilizes parameterization (:limit) for user-supplied values to prevent SQL injection.
  • [SAFE]: Connection configuration in tools/performance.yaml uses ignore-unauthorized: true to bypass TLS certificate validation, which is typical for internal system monitoring.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 10:54 PM