gsd-debugger
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages the Bash tool to execute system commands, build tools, and test runners, which are necessary for its debugging functions but present a risk if the environment or data is compromised.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its autonomous data processing loop. Ingestion points: The agent reads and analyzes untrusted data from source code, application logs, and user reports using the Read, Grep, and Bash tools. Boundary markers: The instructions do not define delimiters or explicit rules to ignore instructions found within the analyzed data. Capability inventory: The agent has high-privilege access to Bash, file editing, and web search tools. Sanitization: No mechanisms for validating or sanitizing external content are present before the agent processes and acts upon it.
Audit Metadata