performance-tester

Security checks across malware telemetry and agentic risk

Overview

This skill is a performance-testing guide with powerful examples that users should run only in authorized test environments.

Install this only if you need performance-testing help. Run generated tests only against systems you own or are explicitly authorized to test, prefer staging or isolated environments with synthetic data, keep checkout/payment flows sandboxed, and review CI schedules, production targets, concurrency, database writes, and cleanup before use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The examples include load, stress, spike, checkout, database write, and pgbench workloads that can generate substantial traffic and modify state, yet the file provides no clear warning to avoid running them against production or live customer data. In a performance-testing skill, this is especially risky because users may copy these examples directly into CI or shared environments, causing service degradation, outages, or unintended data changes.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal