systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. The skill is designed to ingest and analyze untrusted data such as error logs and codebase patterns, which could contain malicious instructions designed to manipulate agent behavior.
- Ingestion points: Phase 1 (Error messages, logs) and Phase 2 (Codebase patterns) in SKILL.md.
- Boundary markers: Absent. No specific delimiters or warnings for the agent to ignore instructions within logs are provided.
- Capability inventory: Shell command execution (git, diff, env) and read access to codebase/logs.
- Sanitization: Absent.
- [DATA_EXFILTRATION] (LOW): The tactical reference suggests using 'env | sort' to compare environments. This is a standard diagnostic practice but carries the risk of exposing sensitive environment variables and secrets to the agent's context window.
- [COMMAND_EXECUTION] (SAFE): The skill references common diagnostic tools like 'git bisect', 'grep', 'diff', and 'cat'. These are used appropriately within the context of a debugging framework and are not executed automatically in a malicious way.
Audit Metadata