spec-debug
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it modifies source code based on untrusted data from other agents.
- Ingestion points: Ingests bug reports and reproduction steps via SendMessage from the spec-tester and parses project documentation like plan.md and test-report.md in Step 1.
- Boundary markers: Lacks explicit delimiters or instructions to ignore potential commands embedded within external reports or documents.
- Capability inventory: Authorized to modify source code files in Step 7, execute search tools, and send messages to other roles.
- Sanitization: No validation or sanitization is performed on external bug reports before they guide the code modification process.
Audit Metadata