investigate
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides legitimate instructions for systematic debugging and utilizes standard development tools for their intended purposes, such as analyzing git history and running tests.
- [PROMPT_INJECTION]: No evidence of direct prompt injection, safety bypasses, or instructions to ignore previous system prompts were found.
- [DATA_EXFILTRATION]: No network operations or unauthorized access to sensitive data (e.g., credentials, SSH keys) were identified. Commands like 'git log' are used within the context of a local development environment.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts or execute code from remote sources.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze external data such as stack traces, error logs, and test reports.
- Ingestion points: Error messages, stack traces, and test output read via the Read and Bash tools.
- Boundary markers: The instructions do not specify using delimiters or provide warnings to ignore potentially malicious instructions embedded in log data.
- Capability inventory: The agent has access to tools including Bash, Read, Edit, and Glob.
- Sanitization: There is no instruction to sanitize or validate the content of error logs before processing.
Audit Metadata