System Bug Fixer
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill utilizes the 'taskkill' command in PowerShell to terminate processes (java.exe and specific PIDs). This is a high-privilege action that could be leveraged to stop critical system services if the agent is misled by malicious input.
- DATA_EXFILTRATION (LOW): The skill instructions direct the agent to perform broad database queries ('SELECT *') and clear all Redis data ('FLUSHALL'). This exposes sensitive system state and internal data to the agent's context.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it ingests untrusted data from system logs and database query results. Evidence Chain: 1. Ingestion points: Processes 'backend.log' and raw MySQL query results. 2. Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions found within the logs. 3. Capability inventory: System command execution (taskkill) and database access. 4. Sanitization: Absent; the skill methodology explicitly instructs the agent to 'Trust the Logs' without validation.
Audit Metadata