diagnose
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to utilize standard development tools such as testing frameworks,
curl, CLI commands, and headless browsers to establish feedback loops and reproduce bugs. These activities are within the expected scope of a debugging skill. - [SAFE]: The file
scripts/hitl-loop.template.shprovides a safe mechanism for human-in-the-loop interaction, using standardreadcommands to capture user input during a debugging session. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest external data such as bug reports, log files, and network traces which could theoretically contain malicious instructions. However, this is an inherent characteristic of the software debugging use-case rather than a security flaw in the skill itself.
- Ingestion points: SKILL.md Phase 1 (traces, logs), Phase 2 (user descriptions), and Phase 4 (logs).
- Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The skill encourages writing tests, running shell commands, and executing scripts (SKILL.md, Phase 1 & 5).
- Sanitization: Not applicable as the skill operates on raw debug data for diagnostic purposes.
Audit Metadata