Debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The scripts/find-polluter.sh script executes npm test on local files found via a user-defined pattern. While this involves dynamic command execution, it is the primary and documented function of the skill to identify state pollution in a test suite.
- [PROMPT_INJECTION] (SAFE): The markdown instructions (e.g., in references/verification.md and SKILL.md) establish rigid procedural boundaries for the agent (such as the 'Iron Law' of verification). These are functional constraints designed to improve reliability and do not attempt to bypass the LLM's safety filters.
- [DATA_EXPOSURE] (SAFE): The documentation encourages the use of stack traces and logging (references/root-cause-tracing.md) to assist in debugging. The analysis confirms these practices are restricted to standard diagnostic output and do not target sensitive system files or credentials.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes local test files, which represent a potential attack surface. However, this is inherent to the tool's purpose of debugging existing codebases.
  - Ingestion points: scripts/find-polluter.sh reads and iterates over files matching a specific pattern.
  - Boundary markers: Absent, as it relies on standard test runner execution.
  - Capability inventory: The script can execute npm test, find, and ls on the local filesystem.
  - Sanitization: The script uses double-quotes for the npm test argument to mitigate basic shell splitting, though it remains a developer-oriented tool with high local privileges.
Audit Metadata