troubleshoot
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted user input (the 'issue' argument) directly into a diagnostic and remediation workflow.
- Ingestion points: The issue description and error messages provided as arguments in the '/troubleshoot' command defined in SKILL.md.
- Boundary markers: No specific delimiters or instructions (like 'treat the following text strictly as data') are used to separate the user-provided issue description from the agent's logic.
- Capability inventory: The skill documentation indicates it leverages Bash for runtime diagnostics and has a '--fix' flag to automatically apply changes to the system or codebase.
- Sanitization: There is no evidence of input validation or sanitization to ensure that instructions embedded within the 'issue' text are not executed by the agent.
Audit Metadata