beam-debug-issue-tasks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill documentation specifies network requests to api.bid.beamstudio.ai and tracing.beamstudio.ai, which are not included on the global whitelist.
- [Prompt Injection] (LOW): The skill processes external trace data, which represents an indirect prompt injection surface. 1. Ingestion points: Trace data is ingested from the Langfuse API. 2. Boundary markers: No delimiters or ignore instructions are present to prevent the agent from executing instructions embedded in the trace data. 3. Capability inventory: The skill uses the requests library for network operations and writes debug reports to the local file system. 4. Sanitization: No sanitization or validation of the retrieved trace content is documented before it is processed into a debug report.
Audit Metadata