Skills
skills/doraemonkeys/claude-code-debug-mode/Debug Mode/Gen Agent Trust Hub

Debug Mode

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell utilities such as grep, tail, ls, and wc to inspect and manage log files during the diagnosis phase.
  • [DATA_EXFILTRATION]: The workflow involves logging execution state, variable values, and decision points to a local file (.claude/debug.log) or via network requests (fetch POST) in browser environments. This presents a risk of sensitive data (like credentials or PII) being persisted or transmitted if present in the application state being debugged.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection because it reads and acts upon data from .claude/debug.log, which is populated by instrumented code. If the application processes untrusted external data, malicious instructions could be logged and subsequently interpreted by the agent.
  • Ingestion points: Read operations on {project_root}/.claude/debug.log using tail, grep, or file system APIs.
  • Boundary markers: Absent. The agent parses raw log entries without delimiters or instructions to ignore embedded commands.
  • Capability inventory: File system writes (fs.appendFileSync, open), Network requests (fetch), and Shell command execution (grep, tail).
  • Sanitization: None. The skill does not define methods to sanitize or validate log data before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 01:10 AM