Debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it requires the agent to read and interpret potentially untrusted data from tool outputs during verification and debugging.
- Ingestion points: File
references/verification.mdexplicitly instructs the agent to read full command output, andreferences/root-cause-tracing.mdsuggests grepping test output. - Boundary markers: Absent. The instructions do not specify using delimiters or specific boundary markers to isolate potentially adversarial command output from the agent's primary instructions.
- Capability inventory: The skill involves executing tests (via
npm testinscripts/find-polluter.sh), and various shell commands for build and verification processes. - Sanitization: Absent. No sanitization or validation of command output is performed before it is processed and interpreted by the agent to determine the success of a task.
Audit Metadata