s-debug
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- PROMPT_INJECTION (HIGH): The 'Evidence-Based Debugging' methodology is highly susceptible to Indirect Prompt Injection. The agent is instructed to read external log files (via addon.output) and 'Cite specific log lines as evidence' to confirm hypotheses. Because the agent's logic is fundamentally tied to the contents of these logs, an attacker could poison the logs to steer the agent toward malicious code modifications or unauthorized command execution.
- COMMAND_EXECUTION (MEDIUM): The skill automates the process of 'instrumenting' code by injecting snippets that perform filesystem writes (Python/Go) and local network requests (JavaScript). This capability to modify user source files to include I/O operations poses a significant risk if the agent is misled during its debugging phase.
- REMOTE_CODE_EXECUTION (MEDIUM): Through the lua.queue tool, the skill enables the dynamic execution of arbitrary Lua code within the game environment. This provides a direct path for the agent to execute unverified logic outside of its own context.
Recommendations
- AI detected serious security threats