perfetto-trace-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's mandatory Execution Protocol (Step 0) instructs the agent to download and run the Perfetto wrapper from the public URL https://get.perfetto.dev/trace_processor, which is untrusted third-party content that the agent must fetch and execute as part of its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's mandatory Execution Protocol Step 0 instructs downloading and running a remote wrapper via "curl -LO https://get.perfetto.dev/trace_processor && chmod +x ./trace_processor", which fetches and executes remote code (and lazy-loads a binary) and is required for the skill to run.