git-bisect-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a 'deterministic pass/fail command' to classify commits during the bisect process. This requires the agent to run arbitrary shell commands provided by the user or derived from the project environment.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) through the data it processes.
- Ingestion points: The agent reads and processes git commit history, commit messages, and the output of the classification commands (SKILL.md).
- Boundary markers: The instructions do not define specific delimiters or provide guidance to the agent to ignore potentially malicious instructions embedded within the git logs or test outputs.
- Capability inventory: The agent possesses the capability to execute shell commands and modify the local file system (git state) as part of the bisect workflow (SKILL.md).
- Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from the git repository before it is processed by the agent.
Audit Metadata