Skills
skills/abcfed/claude-marketplace/tapd-bug-analyzer/Gen Agent Trust Hub

tapd-bug-analyzer

Warn

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (sls-query.py) located in the sls-trace-analyzer skill directory. It constructs shell commands by interpolating variables like <traceId> and <完整URL含时间戳> directly into the command line.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection due to the lack of sanitization when processing external data from TAPD.
  • Ingestion points: The bug description field fetched from the TAPD API via the mcp__mcp-server-tapd__get_bug tool.
  • Boundary markers: Absent. The instructions do not define delimiters or provide warnings to the agent to ignore potentially malicious control characters or instructions embedded within the bug description.
  • Capability inventory: Execution of a local Python script via a shell command and access to the local codebase via the codebase-retrieval tool.
  • Sanitization: Absent. The skill uses basic regex for extraction but does not validate or escape the extracted strings before they are used in a shell command string, which could allow for command injection if an attacker crafts a bug description containing shell metacharacters like backticks or subshells.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 19, 2026, 08:52 AM