cjprof
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely documentation-based, providing instructions for a legitimate performance tool without including any hidden or malicious code.
- [COMMAND_EXECUTION]: The skill documents command-line usage for recording CPU usage and dumping heap memory. These instructions are transparent and consistent with the primary purpose of a performance profiler. The documented requirement for sudo to access kernel performance events is a legitimate technical necessity.
- [PROMPT_INJECTION]: The tool's ingestion of external data files constitutes an indirect prompt injection surface. Ingestion points: Data files processed via -i and -d flags. Boundary markers: Not specified in documentation. Capability inventory: CLI execution of cjprof. Sanitization: Not specified. This surface is inherent to profiling functionality and is assessed as safe.
Audit Metadata