ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Performance Profiler

v1.0.0

Profile and optimize application performance. Use when diagnosing slow code, measuring CPU/memory usage, generating flame graphs, benchmarking functions, load testing APIs, finding memory leaks, or optimizing database queries.

2· 2.9k·22 current·22 all-time
by@gitgoodordietrying
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (profiling, benchmarking, flame graphs, load testing) match the SKILL.md commands and examples. Declared required binaries (node, python3, go, curl, ab) are reasonable for the languages and load-testing techniques documented.
Instruction Scope
The SKILL.md stays focused on profiling and benchmarking across Node/Python/Go and load testing. It does instruct installing developer tools (pip packages, hyperfine, etc.) and running profilers against processes, which can execute code on the host — this is expected for a profiler guide but worth caution before running commands on production systems.
Install Mechanism
This is an instruction-only skill with no install spec and no files to write or execute by the platform installer; that minimizes installer risk.
Credentials
The skill requests no environment variables, no credentials, and no config paths. That aligns with its stated purpose.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence. It is user-invocable and can be called autonomously (platform default), which is normal for skills of this type.
Assessment
This skill is a coherent profiling and benchmarking recipe, but it contains commands that install packages and run profilers against your processes. Before using it: 1) review any install commands (pip, npm, system packages) and avoid blindly running third‑party installs; 2) run profiling and load tests in a safe/dev environment, not on sensitive production systems; 3) be aware some profilers may require elevated permissions or attach to running processes — grant only the minimum necessary privileges; 4) check any downloaded tools' official release pages (e.g., hyperfine on GitHub) before installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk974r47173f0kz870jx9zf3chd80fbtr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Clawdis
OSLinux · macOS · Windows
Any binnode, python3, go, curl, ab

Comments