debugging
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute shell commands for debugging and verification. Evidence: references/root-cause-tracing.md includes a bash script that executes npm test with arguments. Evidence: references/verification.md lists several commands for different ecosystems (npm, pytest, go test) to be executed by the agent.
- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection due to its core function of analyzing external, untrusted data. Ingestion points: Error messages, stack traces, logs, and console output are ingested during Phase 1 of the debugging process (SKILL.md). Boundary markers: None. The skill does not define specific delimiters or instructions to ignore embedded commands within the logs it analyzes. Capability inventory: The skill has access to the Bash tool and file system via Read, Grep, and Glob tools (SKILL.md). Sanitization: No sanitization or validation of the ingested error messages or logs is performed before the agent processes them.
Audit Metadata