performance-optimization

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Privilege Escalation (MEDIUM): The skill provides instructions and code snippets requiring administrative privileges to perform low-level system profiling.
      • Evidence: sudo py-spy record --pid $(pgrep -f uvicorn) located in SKILL.md and references/profiling.md.
      • Context: Required for sampling profilers to attach to running processes, but presents a risk of privilege abuse if used by an autonomous agent without strict oversight.
  • Unverifiable Dependencies & Remote Code Execution (LOW): The skill recommends using npx and various package managers to fetch and execute external diagnostic tools at runtime.
      • Evidence: npx vite-bundle-visualizer and ANALYZE=true npm run build in SKILL.md.
      • Evidence: References to installing snakeviz, locust, k6, and memory_profiler via pip and npm.
      • Context: Necessary for the stated purpose of performance analysis, but involves executing code from external registries which may be unvetted.
  • Data Exposure & Exfiltration (LOW): The skill involves querying internal database performance views that contain sensitive information.
      • Evidence: Queries targeting pg_stat_statements in SKILL.md and references/database-optimization.md.
      • Context: These views expose full SQL query strings, which may include sensitive PII or business logic in filter values, although the primary purpose is identifying slow queries.
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and process outputs from external tools like Lighthouse and database logs, creating an attack surface for indirect instructions.
      • Ingestion points: lighthouse JSON/HTML audit reports, pg_stat_statements query logs.
      • Boundary markers: Absent in implementation scripts.
      • Capability inventory: Shell command execution via py-spy, file system access for profile generation, and network operations for load testing.
      • Sanitization: No explicit sanitization or validation of external tool outputs before processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:29 PM