debug-assist
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its workflow of acting upon untrusted external data. Ingestion points: Untrusted data enters the agent context via bug reports and file analysis described in Step 1 and Step 3. Boundary markers: There are no delimiters or explicit instructions to ignore embedded commands within the analyzed code or reports. Capability inventory: The agent is empowered to execute shell commands in Step 2 and modify source files in Step 6. Sanitization: No validation or sanitization of reproduction commands or generated code fixes is mandated before execution.
- [COMMAND_EXECUTION]: The workflow requires the agent to execute shell commands to reproduce software bugs. While these commands are context-dependent and guided by the user's report rather than hardcoded payloads, they represent a significant capability tier.
- [SAFE]: No evidence of obfuscation, hardcoded credentials, unauthorized network activity, or persistence mechanisms was detected within the skill's instructions.
Audit Metadata