systematic-debugging

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill provides examples of shell commands for diagnosing environment and signing issues, including 'security list-keychains', 'security find-identity', and 'env | grep'. These interact with sensitive system state such as the macOS Keychain and environment variables.
  • DATA_EXFILTRATION (MEDIUM): Phase 1, Step 4 instructs the agent to log data entering and exiting components at every boundary. Without explicit instructions to mask sensitive information, this could lead to the exposure of credentials, tokens, or PII in logs.
  • PROMPT_INJECTION (LOW): The skill uses strong normative language ('The Iron Law', 'You MUST') to override the agent's default reasoning and force adherence to the debugging framework, which is a meta-instruction technique.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill includes 'Pressure Test' scenarios (e.g., test-pressure-1.md) that act as untrusted inputs intended to test the agent's adherence to the process. Evidence: Ingestion points in test files; Boundary markers absent; Capabilities include shell diagnostics; Sanitization absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:47 PM