debugging
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill documents and provides examples for numerous command-line tools used in Node.js debugging and profiling, including
node --inspect,clinic,0x,autocannon, andsecurity. These are standard tools used for performance analysis and system state inspection during debugging. - [DATA_EXPOSURE]: Phase 1 instructions (SKILL.md) include examples of environment variable inspection (e.g.,
env | grep IDENTITY). This is presented as a method to verify configuration propagation across build/deployment layers. While this is a standard debugging technique, it relies on the agent's internal safety filters to prevent unintentional logging of secrets if the environment contains sensitive keys. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted external data such as runtime error messages and application logs.
- Ingestion points: Error messages and stack traces (SKILL.md, Phase 1).
- Boundary markers: Not explicitly defined in the prompts.
- Capability inventory: The skill has access to Bash, Read, Write, and Edit tools.
- Sanitization: No explicit sanitization of error logs is described. The risk is considered low as the data is analyzed for debugging purposes within a controlled environment.
Audit Metadata