Skills
skills/greyhaven-ai/claude-code-config/grey-haven-smart-debugging/Gen Agent Trust Hub

grey-haven-smart-debugging

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The file reference/error-patterns-database.md contains a template that explicitly instructs the agent to run pip install package_name. This encourages the installation of unverified third-party dependencies during the debugging process.
  • [COMMAND_EXECUTION] (LOW): The SKILL.md configuration enables the Bash tool, which permits arbitrary command execution on the host. While relevant to debugging, it significantly expands the attack surface.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data (stack traces, error logs) and has access to high-privilege tools.
  • Ingestion points: Error logs and stack traces provided by the user or read via Grep and Read tools.
  • Boundary markers: Absent. There are no instructions to the agent to ignore embedded commands within the analyzed logs.
  • Capability inventory: Includes Bash, Write, and MultiEdit for code modification and system access.
  • Sanitization: No sanitization of ingested trace data is mentioned.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:38 PM