systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands to gather context and manage the development environment. These include 'git diff' to check recent changes, 'pnpm turbo run test' for execution of test suites, and 'docker ps' to verify the state of containerized services.
- [CREDENTIALS_UNSAFE]: The protocol suggests verifying the presence of required environment variables by reading the '.env' file using 'cat .env | grep RELEVANT_KEY'. Accessing sensitive configuration files is a common practice during debugging but exposes potential secrets to the agent's execution context.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it requires the agent to ingest and analyze external data such as error messages, stack traces, and git diffs.
- Ingestion points: Error messages, stack traces, Pydantic validation bodies, and git diff output (SKILL.md).
- Boundary markers: Absent; no explicit delimiters or instructions to ignore embedded commands within ingested data are provided.
- Capability inventory: Execution of system commands via shell (git, pnpm, docker, uv) as defined in the debugging phases of SKILL.md.
- Sanitization: Absent; the skill does not specify any filtering or validation for the technical data ingested from the project environment.
Audit Metadata