fix-logs
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to modify project configuration files (e.g., package.json, Makefile, pyproject.toml) to append shell redirection commands (e.g., '2>&1 | tee logs.txt'). This is a legitimate functional feature for capturing logs to facilitate runtime debugging.
- [PROMPT_INJECTION]: The skill processes user-provided arguments and local log file content, creating an indirect prompt injection surface. 1. Ingestion points: $ARGUMENTS and ./logs.txt. 2. Boundary markers: The skill uses tags for input arguments, though no specific markers are mentioned for log content. 3. Capability inventory: File modification, workspace writing, and subagent orchestration. 4. Sanitization: No explicit filtering or validation of ingested content is defined. This risk is considered standard for log analysis tools and does not escalate the verdict.
Audit Metadata