Instruments Profiling
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill is a benign guide for profiling apps, but its suggested xctrace commands can run or attach to local apps and may require Developer Tools permission.
This skill is safe to treat as a profiling reference. Before running its commands, confirm the target app path or PID, understand that trace files may contain details about the profiled app’s execution, and only grant Developer Tools permission when you need it.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the command can collect performance traces and stack information from the selected local process.
The skill instructs users how to attach Instruments/xctrace to a running process. This is central to profiling, but users should ensure the PID or process name is the intended app.
`xcrun xctrace record --template 'Time Profiler' --time-limit 60s --output /tmp/App.trace --attach <pid>`
Only attach to apps you intend to profile, confirm the process path first, and avoid profiling unrelated or sensitive processes.
Terminal or Xcode may gain broader ability to debug or profile local software while that permission remains enabled.
The skill discloses a local permission requirement for profiling. This is purpose-aligned, but granting Developer Tools permission changes what Terminal or Xcode can do on the system.
`xctrace` may need Developer Tools permission. ... allow Terminal/Xcode.
Grant Developer Tools permission only if needed for the profiling task, and revoke it later if you do not want Terminal or Xcode to keep that access.