systematic-debugging

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill instructs the agent to analyze external, untrusted data like error messages and stack traces to identify root causes.
      1. Ingestion points: Phase 1 (Error messages, stack traces, and component boundary logs in SKILL.md).
      2. Boundary markers: Absent from the processing instructions.
      3. Capability inventory: Phase 1 and 4 include local shell command execution (e.g., security, codesign, env).
      4. Sanitization: No sanitization or filtering of the ingested log content is specified.
  • [Command Execution] (SAFE): The skill provides example bash scripts for system diagnostics using standard utilities like grep, security, and codesign. These are used for legitimate troubleshooting of build and signing environments and do not attempt to execute remote or unauthorized code.
  • [Data Exposure] (SAFE): Included diagnostic examples use shell parameter expansion (e.g., ${VAR:+SET}) to check for the presence of environment variables without printing their actual secret values, following safe debugging practices.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:36 PM