Skills
skills/mikecfisher/claude-debug-mode/debug-reproduced/Gen Agent Trust Hub

debug-reproduced

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local JavaScript files (analyze-logs.mjs and clear-logs.mjs) using the bun runtime. These scripts are located within the skill's internal directory using the ${CLAUDE_PLUGIN_ROOT} environment variable, which is a common pattern for skill-specific logic.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to how it handles external data.
  • Ingestion points: The skill ingests user notes via the $ARGUMENTS placeholder and reads raw log content from the .debug/debug.log file.
  • Boundary markers: No boundary markers or delimiters are used to wrap the untrusted data, nor are there instructions to the agent to ignore any commands or instructions found within the logs or user notes.
  • Capability inventory: The skill possesses command execution capabilities (via bun and cat) which could be exploited if an attacker embeds malicious instructions in the logs being analyzed.
  • Sanitization: The skill does not perform any validation, filtering, or sanitization on the content of the logs before the agent processes and repeats them as evidence.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 03:56 AM