bug-investigator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill creates a high-severity attack surface by requiring the agent to ingest untrusted data (bug reports and codebase files) and then perform high-privilege operations (writing code and executing tests).
  • Ingestion points: Uses grep, search_file_content, and git log to ingest external content from the repository.
  • Boundary markers: No instructions are provided to help the agent distinguish between code data and embedded malicious instructions.
  • Capability inventory: Explicitly directs the agent to 'Apply the Fix' (file modification) and 'Run the full test suite' (command execution).
  • Sanitization: No sanitization or validation of the analyzed content is mentioned.
  • [Command Execution] (MEDIUM): The protocol directs the agent to execute various test runners (pytest, jest, mocha, JUnit) and shell commands (grep, git log). This is inherently risky if the codebase being investigated contains malicious configuration or test files designed to exploit the agent's environment during the 'Reproduction' phase.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:45 PM