Skills
skills/mthines/agent-skills/profile-optimizer/Gen Agent Trust Hub

profile-optimizer

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to analyze performance data provided by the user in the form of JSON profile files. No malicious code, obfuscation, or unauthorized data access was detected.
  • [COMMAND_EXECUTION]: The skill utilizes standard command-line tools such as jq, grep, file, and gunzip for data processing and file identification. These operations are performed on user-provided local files and do not involve remote code execution or privilege escalation.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted data from profile files. However, the analysis is performed using structural tools like jq, which limits the risk.
  • Ingestion points: Processes user-provided .json, .reactprofile, and .cpuprofile files (specified in SKILL.md and rules/input-detection.md).
  • Boundary markers: No explicit instructions are present to disregard embedded instructions within the profiles, though the structural nature of the processing provides inherent protection.
  • Capability inventory: The skill uses jq, grep, file, and gunzip to process the files and invokes a separate confidence skill for result verification.
  • Sanitization: There is no explicit sanitization of the content within the profile files before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 07:23 AM