bugfix-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent behavior or bypass safety guidelines were found.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network exfiltration patterns are present.
- [Obfuscation] (SAFE): No Base64, zero-width characters, or other encoding techniques were detected.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download or execute any external packages or scripts.
- [Indirect Prompt Injection] (LOW): While the skill defines schemas for processing external data (such as bug reports and stack traces), the risk is minimal as it only provides templates and does not implement automated processing of untrusted data.
- Ingestion points: SKILL.md defines structures for 'Error' and 'Stack' data.
- Boundary markers: The skill encourages the use of structured JSON for all data exchanges.
- Capability inventory: No active code execution capabilities are provided within the skill.
- Sanitization: Not applicable as no processing code is provided.
- [Dynamic Execution] (SAFE): No runtime code generation or dynamic loading mechanisms are used.
Audit Metadata