linux-perf

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly runs "git clone https://github.com/brendangregg/FlameGraph" and then executes the downloaded Perl scripts (./FlameGraph/stackcollapse-perf.pl and ./FlameGraph/flamegraph.pl), so it fetches and executes remote code at runtime from that URL.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs using sudo to install packages and to lower or bypass kernel security settings (e.g., changing kernel.perf_event_paranoid, writing to /etc/sysctl.d, echoing to /proc/sys/kernel/kptr_restrict), which modify system files and security posture and thus can compromise the machine state.