systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- DATA_EXFILTRATION (LOW): The Phase 1 evidence gathering section includes an example command
env | grep IDENTITYwhich could expose sensitive environment variables to terminal logs. While the skill also demonstrates a safe check using${IDENTITY:+SET}, the explicit printing of environment variables is a data exposure risk in shared environments. - PROMPT_INJECTION (LOW): The core functionality requires the agent to read and analyze untrusted external data such as error messages, stack traces, and data flow logs. This presents an indirect prompt injection surface where an attacker could theoretically influence agent behavior via crafted error outputs.
- SAFE (SAFE): The skill is primarily instructional and does not contain obfuscated code, unauthorized remote downloads, persistence mechanisms, or privilege escalation patterns. The bash snippets provided are local diagnostic tools intended for authorized troubleshooting.
Audit Metadata