Skills
skills/steipete/agent-scripts/native-app-performance/Gen Agent Trust Hub

native-app-performance

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple system utilities such as xctrace, otool, atos, and vmmap to perform performance analysis. \n
  • Python scripts use subprocess.check_call and subprocess.check_output with arguments passed as lists, which is a secure practice to prevent shell injection. \n
  • The shell script record_time_profiler.sh appropriately quotes variables used in commands to prevent argument splitting. \n- [DATA_EXFILTRATION]: The profiling process involves using vmmap to inspect the memory map of running processes and xctrace to record execution samples. This is standard behavior for a profiler but involves reading internal process state. \n- [PROMPT_INJECTION]: The skill parses XML sample data extracted from traces, creating an indirect prompt injection surface. \n
  • Ingestion points: scripts/top_hotspots.py reads XML data from the path provided to the --samples argument. \n
  • Boundary markers: No delimiters or warnings are used for the processed XML data. \n
  • Capability inventory: The skill performs file reads, writes, and executes system binaries (otool, atos, xctrace) via subprocess. \n
  • Sanitization: The script uses xml.etree.ElementTree for parsing, which is not resistant to malicious XML constructs like expansion entities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 09:28 PM