debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill defines a workflow that utilizes tools to ingest untrusted data from external websites and the local codebase, which is a known attack surface for indirect prompt injection.\n- Ingestion points: Use of WebSearch, Firecrawl:search, Perplexity, and codebase_search tools to gather information.\n- Boundary markers: None specified in the instructions to separate untrusted data from the agent's internal reasoning.\n- Capability inventory: The skill possesses the capability to read files, search the web, and apply code fixes across the codebase.\n- Sanitization: No sanitization or verification steps are outlined for data retrieved from untrusted sources.
Audit Metadata