profiling-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and installs a public third‑party tool (msprof‑analyze) as part of its runtime workflow—e.g., detect_slow_rank.py's install_msprof() clones https://gitee.com/ascend/mstt.git (and the SKILL docs show git clone https://gitcode.com/Ascend/mstt) and then executes that installed tool to analyze profiling data, so untrusted repository code and outputs can materially influence analysis decisions and subsequent tool invocations.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The detect_slow_rank.py script will at runtime clone and build the msprof tool from https://gitee.com/ascend/mstt.git (via git clone and running setup.py / pip install), which fetches and executes remote code that the skill can install and run, making this an external runtime dependency that executes remote code.