rag-perf
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary purpose is performance benchmarking of RAG (Retrieval-Augmented Generation) servers. The instructions focus on configuring YAML-driven load tests and interpreting resulting metrics such as TTFT (Time To First Token) and throughput.
- [COMMAND_EXECUTION]: The skill uses
uv,python, andcurlto manage environments, run tests, and check server status. These commands are appropriately scoped and defined within theallowed-toolssection for legitimate benchmarking tasks. - [EXTERNAL_DOWNLOADS]: Dependencies like
pytest-asyncioandaiperfare installed through standard Python package managers (uv,pip). The skill references resources from a well-known organization's public repository, which is standard practice for open-source development tools. - [DATA_EXPOSURE]: The tool processes benchmarking datasets in
.jsonland.csvformats and writes performance reports to a local directory. There is no evidence of unauthorized access to sensitive system files, environment variables, or user credentials.
Audit Metadata