fix-bug
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted user input ($BUG_DESCRIPTION) to generate code logic.
- Ingestion points: $BUG_DESCRIPTION in SKILL.md.
- Boundary markers: Absent.
- Capability inventory: File write (tests/e2e/regression/) and command execution (running Playwright tests).
- Sanitization: Absent.
- [Dynamic Execution] (MEDIUM): The agent is instructed to generate a TypeScript file and execute it.
- Evidence: Step 2 requires writing to 'tests/e2e/regression/[bug-id].spec.ts' and running the test.
- Risk: A malicious bug description could trick the agent into embedding harmful commands within the test script.
- Note: The verdict is lowered to LOW as this behavior is fundamental to the skill's primary purpose.
Audit Metadata