error-detective
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted external data, such as stack traces and log files, which constitutes a surface for indirect prompt injection.
- Ingestion points: Log files and stack traces processed via the 'scripts/debug_helper.py' script or direct LLM input.
- Boundary markers: Absent; the skill lacks explicit instructions to ignore or delimit embedded instructions within the logs.
- Capability inventory: The skill references local execution of 'scripts/debug_helper.py' for session management and parsing.
- Sanitization: No evidence of sanitization or validation of external log content is provided.
- [COMMAND_EXECUTION]: The documentation provides usage examples for a local Python utility, 'scripts/debug_helper.py', indicating that the skill relies on local command execution to perform log analysis and session management.
Audit Metadata