debugging-code
Fail
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill instructs users to install a tool by piping a remote script directly into a bash shell. This is a critical security risk that allows for arbitrary command execution. Evidence: 'bash <(curl -fsSL https://raw.githubusercontent.com/AlmogBaku/debug-skill/master/install.sh)'.
- [EXTERNAL_DOWNLOADS]: The skill fetches and executes content from an untrusted third-party GitHub repository (AlmogBaku/debug-skill) that is not associated with the skill author or the list of trusted vendors.
- [COMMAND_EXECUTION]: The skill relies on the 'dap' CLI tool to execute various shell commands, manage background processes, and perform debugging actions on the local system.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data with high-privilege capabilities.
- Ingestion points: The skill reads source code files via 'dap debug ' and evaluates arbitrary strings via 'dap eval ""'.
- Boundary markers: Absent. There are no delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the code being debugged.
- Capability inventory: The skill has the capability to execute shell commands and evaluate code through the 'dap' CLI.
- Sanitization: Absent. Input to the evaluation and debugging commands is passed directly to the tool without validation or escaping.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/AlmogBaku/debug-skill/master/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata