systematic-debugging
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill provides templates for executing shell commands, including environment inspection ('env'), keychain management ('security'), and code signing ('codesign'), which the agent is encouraged to use during debugging.
- DATA_EXFILTRATION (HIGH): Instructions to 'Log what data enters component' and 'Log what data exits component' pose a high risk of exposing secrets, tokens, or PII into logs. The example bash script specifically attempts to inspect 'IDENTITY' variables and keychain contents.
- PROMPT_INJECTION (HIGH): Category 8 (Indirect Prompt Injection) surface identified. 1. Ingestion points: Phase 1 (Error messages, Git diffs, and Logs). 2. Boundary markers: Absent. 3. Capability inventory: Phase 1 Step 4 (Shell command execution). 4. Sanitization: Absent. Malicious content in error messages or code diffs could influence the agent's debugging logic or command execution.
Recommendations
- AI detected serious security threats
Audit Metadata