Bug Triage
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8).
  1. Ingestion points: The skill is designed to process external bug reports, symptom descriptions, and log files as described in SKILL.md.
  2. Boundary markers: There are no explicit markers or instructions telling the agent to ignore commands or instructions embedded within the bug report data.
  3. Capability inventory: The skill utilizes high-privilege tools including Bash, Write, Read, Grep, and Glob.
  4. Sanitization: No sanitization, validation, or escaping of the input data is performed before reproduction steps are executed.
- [COMMAND_EXECUTION]: The skill requires the Bash and Write tools to systematically reproduce and document issues. While these capabilities are aligned with the primary purpose of bug triage, they present a security risk if an attacker provides a malicious bug report containing commands that the agent might execute.
Audit Metadata