nav-diagnose
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill monitors user chat for specific feedback or frustration phrases to trigger diagnostic steps, creating a surface for indirect prompt injection.
  1. Ingestion points: User conversation messages (Step 1).
  2. Boundary markers: Absent.
  3. Capability inventory: Read, Write, and Bash tools.
  4. Sanitization: No sanitization identified for user-provided triggers.
- [COMMAND_EXECUTION] (LOW): The skill includes internal logic for severity calculations (Step 1) and requests permissions for the Bash tool, which involves processing and potentially acting upon dynamically generated session state.
Audit Metadata