debug-remote
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill provides a mechanism for network logging by sending application data to an external server. The remoteLog function utilizes the fetch API to transmit log levels and messages to a placeholder URL. The documentation also mentions the use of third-party services like webhook.site for capturing logs during development.
- [COMMAND_EXECUTION]: The documentation references the adb logcat CLI tool for debugging purposes. This is an informative reference to standard development tools and does not involve automated or malicious command execution.
- [PROMPT_INJECTION]: The skill identifies a potential surface for indirect prompt injection via the ingestion of application logs. Ingestion points: Capture of console.log outputs via JavaScript overrides. Boundary markers: None identified in the provided snippets. Capability inventory: Outbound network requests via the fetch API. Sanitization: Log data is transmitted without validation or filtering.
Audit Metadata