rails-bug-triage

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands, specifically 'bundle exec rspec', to run reproduction tests that it generates at runtime.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted user input (bug reports, logs) to generate executable code and command-line arguments.
    • Ingestion points: The skill ingests untrusted data from bug reports, error messages, and reproduction steps as defined in SKILL.md and assets/examples.md.
    • Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between user data and internal logic or to ignore instructions embedded in the reports.
    • Capability inventory: The agent can write arbitrary Ruby files (.rb) and execute shell commands via 'bundle exec rspec', creating a path for code execution based on the input data.
    • Sanitization: The process lacks instructions for sanitizing or escaping external content before it is used to generate the reproduction test files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 07:45 PM