perf-profiler
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to facilitate the execution of system-level performance profiling utilities such as
perfandjfr. It extracts thetoolandcommanddirectly from the$ARGUMENTSvariable without verifying if the requested tool or command is safe or authorized. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection.
- Ingestion points: The
$ARGUMENTSplaceholder inSKILL.mdserves as an entry point for untrusted data into the agent's context. - Boundary markers: There are no explicit delimiters or 'ignore' instructions implemented to prevent the agent from being misled by instructions embedded within the user-provided arguments.
- Capability inventory: The skill is intended to run profiling tools, capture hot paths, and generate flame graphs, which requires the capability to execute system commands and access process information.
- Sanitization: The JavaScript snippet used for parsing arguments lacks any form of sanitization, regex validation, or allow-listing to restrict the input to safe profiling commands.
Audit Metadata