Security audit

performance-engineer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only performance engineering skill with relevant examples, but some examples need careful production review before use.

Safe to install as reference guidance. Do not run the host-tuning shell snippet, ALTER SYSTEM statements, index/materialized-view operations, or load tests against production systems without approval, backups, staging validation, rollback steps, and a maintenance window. Treat telemetry examples as templates that need privacy review, minimization, and an approved analytics destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The manifest description contains a vague invocation cue ('Use when: performance analysis framework, application profiling techniques, load testing strategies') that does not clearly bound when the skill should be selected. Overly broad routing language can cause an agent to invoke this skill in inappropriate contexts, increasing the chance of irrelevant guidance, unsafe tool use suggestions, or bypass of a more suitable specialized skill.

Missing User Warnings

Medium
Confidence: 96%
Finding
The shell example performs privileged, system-wide tuning by writing directly to /sys, /proc, /etc/sysctl.conf, and /etc/security/limits.conf, then applies changes with sysctl -p. In a reference/examples file for an agent skill, presenting these commands without strong warnings, environment constraints, rollback guidance, or safety checks can lead users or downstream agents to execute disruptive changes on production hosts, degrading stability, weakening hardening, or causing outages.

Missing User Warnings

Medium
Confidence: 93%
Finding
The SQL section includes disruptive operations such as CREATE INDEX CONCURRENTLY, CREATE MATERIALIZED VIEW, REFRESH MATERIALIZED VIEW CONCURRENTLY, CREATE TABLE PARTITION OF, and ALTER SYSTEM SET without any warning about lock behavior, resource consumption, privilege requirements, or production impact. While intended as performance guidance, these statements can trigger heavy load, persistent configuration changes, or service disruption if copied into live databases without review.

VirusTotal

65/65 vendors flagged this skill as clean.