debug-tools
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands, specifically
grep, to locate and remove[DEBUG]logs across multiple file types during the cleanup phase as documented inlog-cleanup.md. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and analyzes untrusted source code and runtime console logs.
- Ingestion points: Processes project source code and user-provided console logs in
investigation.mdandlog-injection.md. - Boundary markers: Lacks explicit delimiters or instructions for the agent to ignore instructions embedded in the analyzed code or logs.
- Capability inventory: Possesses file system read/write access and shell command execution (
grep) for log management. - Sanitization: Does not implement validation or escaping of external content before it is incorporated into the agent's context.
Audit Metadata