code-debugger

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute various build, lint, and test commands (e.g., cargo check, go build, mvn verify, npm run lint) and to run commands on remote servers via SSH.
  • [REMOTE_CODE_EXECUTION]: Recommends the use of package managers such as npm, pip, and uv, which involve downloading and potentially executing external code during installation.
  • [EXTERNAL_DOWNLOADS]: Fetches PyTorch distributions from the official PyTorch download server (download.pytorch.org) using specified URLs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it parses untrusted project files to build context networks and subsequently executes shell commands based on that analysis. Ingestion points: project source code accessed via search and browsing tools. Boundary markers: Absent. Capability inventory: shell execution via ssh and various build tools. Sanitization: Absent.
  • [DATA_EXFILTRATION]: Instructions suggest interacting with highly sensitive files such as ~/.ssh/authorized_keys to facilitate remote development environments.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 14, 2026, 07:15 AM