systematic-debugging

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to process external, untrusted data such as error messages and stack traces (Phase 1), which provides an attack surface for indirect prompt injection.
      • Ingestion points: Error messages, logs, and stack traces processed in Phase 1.
      • Boundary markers: None mentioned for log data.
      • Capability inventory: Diagnostic bash command execution (env, security, codesign) suggested in Phase 1 Step 4.
      • Sanitization: None described for external log inputs.
  • [Command Execution] (SAFE): The skill provides example bash commands for environmental diagnostics. These are standard for debugging and include security best practices, such as redacting secret values (e.g., '${IDENTITY:+SET}') rather than printing them.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:50 PM