debugging-code
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'dap' CLI tool and its associated release metadata directly from the author's repository on GitHub.
- Evidence: 'scripts/install-dap.sh' performs curl requests to 'api.github.com' and 'github.com/AlmogBaku/debug-skill'.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'js-debug' adapter from a trusted Microsoft repository.
- Evidence: 'references/installing-debuggers.md' provides a command sequence to download and extract a tarball from 'github.com/microsoft/vscode-js-debug'.
- [COMMAND_EXECUTION]: The installation script modifies user shell configuration files to update the system PATH.
- Evidence: 'scripts/install-dap.sh' suggests appending an export command to shell-specific resource files like '.bashrc' or '.zshrc'.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting and presenting untrusted debugger data to the agent.
- Ingestion points: Source code, local variable values, and call stack frames retrieved via the 'dap' tool in 'SKILL.md'.
- Boundary markers: Absent; the system does not use specific delimiters or instructions to ignore potential commands embedded in the debugger's output.
- Capability inventory: The agent possesses the 'Bash' tool with broad execution rights for the 'dap' command, as defined in 'SKILL.md'.
- Sanitization: No evidence of output sanitization or validation exists for data returned from the debugger processes before it is integrated into the agent's context.
Audit Metadata