deco-site-memory-debugging
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface. • Ingestion points: Remote Deno process state (objects, strings, and memory metrics) fetched in memory-analysis.md. • Boundary markers: Absent; remote data is interpolated directly into the analysis context. • Capability inventory: Extensive capabilities including Runtime.evaluate for code execution and Deno.readDir for file system access. • Sanitization: Absent; the skill performs no escaping or validation of the content retrieved from the remote environment.
- [REMOTE_CODE_EXECUTION]: The skill enables arbitrary JavaScript execution within remote Deno processes using the Chrome DevTools Protocol (CDP). This is the core mechanism for memory analysis but represents a high-privilege remote code execution path.
- [COMMAND_EXECUTION]: The skill guides the user to execute local commands, including
kubectl port-forwardandcurl, to facilitate network access to the remote debugging endpoints.
Audit Metadata