when-profiling-performance-use-performance-profiler

Fail

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script 'slash-command-profile.sh' and subagent logic in 'subagent-performance-profiler.md' invoke 'npx claude-flow@alpha' multiple times. This results in the download and execution of external code from an unverified NPM package that is not part of the trusted organizations or a well-known service.
  • [COMMAND_EXECUTION]: The skill utilizes high-level system monitoring tools like 'strace', 'tcpdump', 'perf', and 'instruments' to perform I/O and network profiling. Execution of these tools often requires administrative privileges and can be used to capture sensitive system information such as syscall data and network packets.
  • [PROMPT_INJECTION]: The skill's workflow involves reading and analyzing arbitrary project source code and logs to generate optimizations, which facilitates indirect prompt injection.
  • Ingestion points: Project source code, database logs, and external API responses are ingested for analysis in 'subagent-performance-profiler.md'.
  • Boundary markers: No delimiters or warnings to ignore embedded instructions were found in the prompt construction or interpolation logic for the optimizer agents.
  • Capability inventory: The skill can execute shell commands via 'npx' and system profilers, write optimization patches to the filesystem, and apply code changes using a coder agent.
  • Sanitization: There is no evidence of sanitization or validation of the ingested code or log content before it is passed to the LLM agents for processing.
  • [EXTERNAL_DOWNLOADS]: The skill explicitly relies on 'claude-flow@alpha' as a dependency in 'SKILL.md' and uses 'npx' to fetch it at runtime. The source of this package is not verified and poses a supply chain risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 26, 2026, 03:22 AM
Security Audit — agent-trust-hub — when-profiling-performance-use-performance-profiler