dump-collect
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Command Execution with Elevated Privileges: The skill involves commands requiring administrative or root access, such as using sudo to modify system-wide core dump patterns on Linux or executing privileged Docker containers. While these elevated privileges are necessary for capturing system-level diagnostics, they should be used with caution as they allow for significant system-wide changes.
- External Resource Acquisition: The skill suggests downloading the procdump utility from the Microsoft Sysinternals domain and installing the dotnet-dump tool via the .NET SDK. Fetching external tools introduces a dependency on the security of the provider's infrastructure, though these are established and well-known resources from the platform vendor.
- System Configuration Changes: Instructions include modifying the Windows Registry for Windows Error Reporting (WER) and updating the Linux core_pattern. These persistent changes affect system behavior across sessions and should be managed according to standard system administration practices.
- Container Security Capabilities: The skill requests the SYS_PTRACE capability for Docker and Kubernetes environments. This capability is required for diagnostic tools to attach to and inspect running processes, though it technically expands the container's security profile by allowing more direct interaction with the host or other processes.
Audit Metadata