performance-engineer
PassAudited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill Name: ah-performance-engineer Version: 1.0.0 The skill bundle contains a bash script in `references/examples.md` (Example 6) that performs high-privilege system modifications, including kernel parameter tuning via `/etc/sysctl.conf`, CPU governor changes, and modifying system-wide file descriptor limits in `/etc/security/limits.conf`. While these actions are technically aligned with the stated purpose of performance engineering, they represent risky system-level capabilities that could impact system stability or security if executed. No evidence of intentional malice, data exfiltration, or unauthorized remote control was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running these SQL examples on a live database could change indexes or database-wide settings and affect availability or performance.
The database optimization example includes DDL and database configuration changes. These are aligned with performance engineering, but they can affect production behavior if copied without review.
CREATE INDEX CONCURRENTLY idx_orders_user_date_total ... ALTER SYSTEM SET max_connections = 200;
Treat SQL tuning snippets as examples only; test them in staging, review query plans and rollback options, and apply them through normal database change control.
Copying and running the shell snippet could persistently change host CPU, memory, or network behavior and may require root privileges.
The Linux performance tuning example writes to kernel/sysfs/proc settings and appends persistent sysctl configuration. This is expected for system tuning guidance, but it is privileged and environment-impacting.
for cpu in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor; do
echo performance > $cpu
done
...
cat >> /etc/sysctl.conf << EOFRun system tuning commands only on systems you control, after backing up configuration and validating the settings in a safe environment.