linux-perf

[Skill Scanner] Installation of third-party script detected All findings: [CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] This skill is documentation-only and instructs how to use Linux perf and generate flamegraphs. Its capabilities match its stated purpose. The main risks are operational: it instructs use of sudo and kernel configuration changes (necessary for full perf functionality) and to clone and run scripts from GitHub (expected but a supply-chain consideration). There is no evidence of obfuscation, credential harvesting, or malicious behavior embedded in the provided content. Recommended: treat git-cloned scripts as untrusted until reviewed, and avoid running privileged commands automatically without user consent. LLM verification: BENIGN: The skill fragment is coherent with its purpose (Linux perf profiling guidance) and uses standard, reputable tooling. No suspicious data flows, credential handling, or hidden backdoors are evident. Minor scanner flags relate to documentation examples rather than executable code with malicious behavior.