Systematic Debugging
Fail
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/debug-session-logger.shis vulnerable to path traversal via the--session(or-s) command-line argument. The script concatenates the user-provided filename with a local directory path without validation, allowing an attacker to read or overwrite sensitive files outside the intended directory (e.g.,-s ../../.ssh/authorized_keys). - [COMMAND_EXECUTION]: The
initialize_sessionfunction inscripts/debug-session-logger.shis susceptible to shell command injection. It utilizes an unquoted heredoc (<< EOF) to process the$ISSUE_TITLEvariable, which causes the shell to evaluate and execute any embedded command substitutions, such as backticks or$()syntax, present in the title string. - [DATA_EXFILTRATION]: The path traversal vulnerability in
scripts/debug-session-logger.shallows for unauthorized data exposure. Theresume_sessionfunction displays the entire contents of the file specified by the--sessionargument to standard output, which could be used to leak sensitive information like private keys, configuration files, or environment secrets if an attacker-controlled path is provided. - [EXTERNAL_DOWNLOADS]: The
SKILL.mddocumentation references several third-party Python libraries, includingstructlog,line_profiler, andrequests. While these are standard development tools, they represent external dependencies that the agent may be prompted to install.
Recommendations
- AI detected serious security threats
Audit Metadata