system-profile
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of system profiling tools (e.g., perf, strace, nvidia-smi) and user-provided target scripts. It also generates and executes instrumentation code at runtime to capture performance metrics.
- [PROMPT_INJECTION]: The skill analyzes external source code and user-provided arguments, creating a surface for indirect prompt injection. \n- Ingestion points: Target source code files; user-supplied $ARGUMENTS. \n- Boundary markers: Absent; the skill does not use delimiters to isolate untrusted code during analysis or execution. \n- Capability inventory: File system modification (instrumentation), shell command execution (profiling tools and targets), and system monitoring. \n- Sanitization: Absent; no logic is present to validate or escape the contents of the target code before it is processed or executed.
Audit Metadata