systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The "find-polluter.sh" utility executes "npm test" on discovered local files to isolate side-effect-causing test cases.
- [COMMAND_EXECUTION]: "SKILL.md" contains examples of shell commands for diagnostic instrumentation, including "security list-keychains", "security find-identity", and "codesign".
- [DATA_EXFILTRATION]: Examples in "SKILL.md" for multi-component system diagnostics include commands to display environment variables ("env | grep") and keychain identities, which may surface sensitive credentials or tokens in logs.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting and acting upon data from external logs and error messages.
- Ingestion points: System logs, stack traces, and error output processed during the root cause investigation phase.
- Boundary markers: No specific delimiters or delimiters are implemented for the ingested text.
- Capability inventory: The skill utilizes shell command execution and file system access.
- Sanitization: Untrusted error data is processed directly without sanitization or filtering.
Audit Metadata