Skills
skills/everyinc/compound-engineering-plugin/ce-debug/Gen Agent Trust Hub

ce-debug

Pass

Audited by Gen Agent Trust Hub on Apr 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes text from external issue trackers (GitHub, Linear, Jira) without explicit sanitization or boundary markers. Findings indicate: 1) Ingestion points: Phase 0 (Triage) fetches data from issue URLs. 2) Boundary markers: Absent. 3) Capability inventory: Subprocess execution (git, gh, npm, etc.) and file-write access. 4) Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with well-known services and repositories, such as GitHub and package registries (npm, RubyGems), to retrieve issue metadata and manage project dependencies.
  • [COMMAND_EXECUTION]: The skill executes a wide range of shell commands to facilitate debugging, including git operations (checkout, bisect, log), dependency installation (npm install, bundle install), and the execution of test suites (jest, pytest, rspec).
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 26, 2026, 07:38 PM