awf-debug-tools
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill interacts with the host and containers using Docker commands (
inspect,ps,exec,logs,network). These are executed via Python'ssubprocess.runusing the list-based API, which is a recommended practice to prevent command injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The skill uses only the Python 3.8+ standard library. It does not install external packages via pip or download remote scripts, eliminating risks associated with untrusted dependencies or remote code execution.
- [DATA_EXFILTRATION]: While the scripts read diagnostic information such as firewall logs (
access.log), configuration files (squid.conf), and container metadata, this data is processed locally and presented to the user/agent for debugging purposes. There are no network operations that send this data to external or unknown domains. - [SAFE]: The skill's implementation aligns perfectly with its stated purpose of providing debugging tools. The use of
sudoanddockertools is explicitly declared in the metadata and is necessary for the intended diagnostic functions.
Audit Metadata