troubleshooting-regression
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
claudeCLI and suggests usingpnpmfor trace queries to facilitate debugging.\n - Evidence: Found in
scripts/main.cjswherespawnSyncis used to run theclaudecommand.\n - Mitigation: The script calls
spawnSyncwithshell: false, which mitigates shell-based command injection risks.\n- [DATA_EXFILTRATION]: The skill reads local debug logs from the user's home directory to identify error patterns.\n - Evidence:
scripts/main.cjsaccesses files in~/.claude/debug/.\n - Mitigation: A filter function
isIgnorableLineis implemented to skip lines containing authentication and credential-related keywords, preventing sensitive information from being processed or logged.\n- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to its handling of untrusted log data and user-provided prompts.\n - Ingestion points: Debug logs from
~/.claude/debug/and thepromptargument inscripts/main.cjs.\n - Boundary markers: None present to distinguish data from instructions within the log files.\n
- Capability inventory: Executes
claude -p ...viaspawnSyncinscripts/main.cjs.\n - Sanitization: No sanitization or escaping of the prompt or log content before processing.
Audit Metadata