break-loop
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill defines a methodical framework for internal bug analysis and documentation. It does not involve network access, sensitive credential exposure, or the execution of untrusted external code.
- [COMMAND_EXECUTION]: The skill directs the agent to update project-specific documentation files (e.g., in .trellis/spec/) and commit those changes using version control. These operations are restricted to the local project environment and represent standard developer assistant behavior.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it incorporates debugging context and potentially user-supplied bug descriptions into persistent project documentation.
  - Ingestion points: Context from previous debugging sessions and human-provided bug reports.
  - Boundary markers: Absent; the instructions do not specify delimiters to isolate external bug data from the documentation update logic.
  - Capability inventory: Ability to modify local documentation files in specified directories and execute Git commit commands.
  - Sanitization: Absent; the skill relies on the agent's internal logic to filter and summarize debugging history without explicit sanitization rules.
Audit Metadata