The Agent Skills Directory

[SAFE]: The skill exhibits no malicious patterns, prompt injections, or attempts to exfiltrate data. All instructions and scripts are consistent with the stated purpose of performance benchmarking.
[COMMAND_EXECUTION]: The workflow involves executing standard developer commands such as uv run, pip install, and curl. These are used appropriately for managing local virtual environments, installing the internal rag_perf package, and performing health checks or configuration retrieval from local/deployed RAG servers.
[EXTERNAL_DOWNLOADS]: The skill uses uv sync to manage dependencies, which involves downloading verified Python packages from standard registries. It also references official NVIDIA GitHub repositories for its source and upstream documentation, which are categorized as trusted sources.
[SAFE]: The inclusion of an evaluation report (BENCHMARK.md) and a digital signature bundle (skill.oms.sig) indicates a robust verification process and supply chain integrity. Minor observations in the evaluation report, such as PII patterns in documentation, are typical of development-focused guidance and do not pose an active security threat.

rag-perf