moai-essentials-debug
Warn
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Technical reference documentation (reference.md) includes instructions for using 'sudo' with system instrumentation tools such as dtrace, stap, and bpftrace.
- [EXTERNAL_DOWNLOADS]: The skill's reference guide (reference.md) contains a 'curl | bash' command targeting 'https://aka.ms/getvsdbgsh'. Since this targets a well-known Microsoft domain, it is considered a trusted external resource reference.
- [PROMPT_INJECTION]: The skill describes an architecture in SKILL.md that fetches external debugging 'workflows' and 'patterns' using the 'mcp__context7__get-library-docs' tool, creating a surface for Indirect Prompt Injection. 1. Ingestion points: 'mcp__context7__get-library-docs' (SKILL.md) fetches documentation from external library IDs such as '/microsoft/debugpy'. 2. Boundary markers: No delimiters or protective instructions are identified in the described logic. 3. Capability inventory: The skill utilizes powerful tools including 'Bash', 'Write', and 'Edit'. 4. Sanitization: No evidence of validation or sanitization of external patterns is provided before they are applied to agent workflows.
Audit Metadata