coderabbit-debug-bundle

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [DATA_EXFILTRATION]: Reads the project's .env file to gather configuration information. Although it pipes the contents through a sed script ('sed s/=.*/=REDACTED/') to mask values, this single-line pattern match does not handle multi-line variables or non-standard formatting (for example, quoted values spanning lines or entries without an '=' on the first line), so secrets can still end up in the final bundle.
  • [DATA_EXFILTRATION]: Reads npm log files from the user's home directory (~/.npm/_logs/). These files are collected for packaging into the debug archive and may contain sensitive context or PII even after filtering on specific keywords.
  • [COMMAND_EXECUTION]: Executes system commands to determine environment status, including node, npm, and package listings.
  • [COMMAND_EXECUTION]: Utilizes curl to perform a network connectivity check against api.coderabbit.com. This operation targets a well-known service domain related to the skill's stated purpose.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 06:51 PM