investigation-first
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill prompts the agent to run code and execute tests locally to verify its investigation findings. This is an intended feature of the diagnostic methodology for developers.
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by ingesting external data (code, logs, and git history) to influence agent conclusions.
- Ingestion points: Source code, logs, and git metadata in investigation-agent-prompt.md.
- Boundary markers: Absent; relies on logical analysis and human-in-the-loop review rather than technical delimiters.
- Capability inventory: Reading files and executing tests as defined in SKILL.md.
- Sanitization: None explicitly defined for ingested content.
- [SAFE]: No malicious patterns, hardcoded credentials, or exfiltration routes were detected across the analyzed files. The instructional content is purely procedural.
Audit Metadata