systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a logical framework for debugging and troubleshooting software bugs. It encourages rigorous investigation before applying fixes.
- [COMMAND_EXECUTION]: The file 'find-polluter.sh' is a utility script that automates running 'npm test' to isolate which test file might be creating unwanted state (pollution). This is a standard development practice.
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it ingests error messages and test logs during Phase 1. Evidence: (1) Ingestion points: error messages in Phase 1 and the test pattern argument in find-polluter.sh; (2) Boundary markers: Absent; (3) Capability inventory: Subprocess execution via npm and find; (4) Sanitization: Input variables are quoted in the shell script. The risk remains safe given the diagnostic context.
- [NO_CODE]: No external third-party packages or remote script downloads are required or executed by this skill.
Audit Metadata