code-profiler

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Category: COMMAND_EXECUTION
Full Analysis
  • Dynamic Execution (LOW): The profile_script method in scripts/code_profiler.py uses compile() and exec() to execute Python code from a file for profiling purposes. While dynamic execution is a sensitive capability, it is the primary function of this skill. Severity is reduced from MEDIUM to LOW per the primary skill purpose rule.
  • Indirect Prompt Injection (LOW): The skill processes external Python scripts, creating a surface for indirect prompt injection if the ingested data contains malicious instructions targeting the agent or the execution environment.
      1. Ingestion points: scripts/code_profiler.py via the script_path parameter.
      2. Boundary markers: Absent.
      3. Capability inventory: File system read/write (open), dynamic code execution (exec, compile).
      4. Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:00 PM