debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill contains a utility script
find-polluter.shthat automates test execution usingnpm testto identify state pollution. While this executes local code, it is a standard developer tool operation and does not involve remote scripts or untrusted data execution. - DATA_EXPOSURE (SAFE): The documentation includes examples of using macOS security commands (
security list-keychains,security find-identity) for debugging code signing workflows. These are used as diagnostic examples and do not attempt to exfiltrate or store sensitive credentials. - INDIRECT PROMPT INJECTION (LOW): The skill's primary function is to ingest and analyze untrusted data such as error messages, stack traces, and test logs.
- Ingestion points: Error messages, stack traces, and component logs processed during Phase 1 of the debugging framework.
- Boundary markers: The skill encourages the use of explicit logging prefixes (e.g.,
DEBUG git init:) to distinguish diagnostic output. - Capability inventory: The skill utilizes local shell execution (via
npm testandcodesign) to verify fixes and gather environment data. - Sanitization: No explicit sanitization of error logs is mentioned, but the risk is mitigated as the analysis is intended for developer-controlled local environments.
- BEST PRACTICE (SAFE): The script
find-polluter.shuses aforloop over the results offind, which may fail on filenames containing spaces. This is a minor reliability issue rather than a security vulnerability.
Audit Metadata