164-java-profiling-verify
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions are well-documented and focused on legitimate Java performance profiling tasks using local tools and scripts.
- [COMMAND_EXECUTION]: The skill uses local shell commands (ls, wc, curl, touch, git, chmod) and executes local scripts (run-with-profiler.sh, java-profile.sh). These operations are standard for development environments and are scoped to the project's 'profiler/' directory.
- [DYNAMIC_EXECUTION]: The skill includes an instruction to generate a local load-test script ('load-test.sh') using a static template. This is a common and legitimate practice for creating reproducible test scenarios.
- [DATA_EXPOSURE]: Network operations are restricted to local environment health checks and API calls (e.g., 'http://localhost:8080/actuator/health'), with no evidence of external data exfiltration.
- [SAFE]: No obfuscation, prompt injection, or persistence mechanisms were detected in the instructions or metadata.
Audit Metadata