debug-investigator
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to indirect prompt injection as it processes external content and possesses execute capabilities.\n
- Ingestion points: Logs, error messages, and traces (Phase 1).\n
- Boundary markers: Absent. The skill lacks delimiters to protect against embedded instructions.\n
- Capability inventory: Explicitly encourages use of 'Bash for diagnostic commands' and 'Grep/Read tools' (Tool Usage).\n
- Sanitization: Absent. No validation of ingested data is mentioned.\n- [COMMAND_EXECUTION] (LOW): The skill specifically suggests the use of Bash commands for troubleshooting purposes.\n
- Evidence: 'Leverage Bash for diagnostic commands' (Tool Usage).
Recommendations
- AI detected serious security threats
Audit Metadata