debugging-toolkit-smart-debug
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted data through the
$ARGUMENTSvariable inSKILL.mdandsub-skills/10-prevention.md. This constitutes a surface for indirect prompt injection (Category 8). - Ingestion points: User-provided data enters via
$ARGUMENTSinSKILL.mdandsub-skills/10-prevention.md. - Boundary markers: The skill does not employ explicit delimiters or system instructions to ignore instructions embedded within the processed issue.
- Capability inventory: The skill references capabilities for code instrumentation, fix generation, and interaction with external observability platforms (e.g., DataDog, Sentry, Honeycomb).
- Sanitization: No input validation or escaping of the user-provided arguments is documented in the skill instructions.
- [SAFE]: The skill's primary function is to guide an agent through a structured debugging workflow. Mentions of external services like DataDog, Sentry, and New Relic are for observability purposes and are treated as well-known technology services. The code examples provided are illustrative and do not instruct the agent to execute untrusted remote code.
Audit Metadata