systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'find-polluter.sh' automates running 'npm test' on files matching a search pattern to detect tests that create unwanted state.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted diagnostic data like error logs and stack traces while possessing shell execution capabilities.\n
- Ingestion points: Diagnostic logs and error messages processed in the 'Root Cause Investigation' phase of 'SKILL.md'.\n
- Boundary markers: None identified.\n
- Capability inventory: Execution of 'npm test' and shell commands like 'security' and 'codesign'.\n
- Sanitization: No sanitization of ingested diagnostic data is mentioned.\n- [COMMAND_EXECUTION]: Documentation in 'SKILL.md' and 'root-cause-tracing.md' provides examples for using shell commands like 'security list-keychains' and 'codesign' to diagnose pipeline issues.
Audit Metadata