error-detective
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill's primary function is to process untrusted external data from logs and codebases, which is a significant attack vector for indirect prompt injection.
- Ingestion points: File: SKILL.md. Ingests data from system logs, codebases, and log aggregation platforms (Elasticsearch, Splunk).
- Boundary markers: Absent. The instructions lack any delimiters or warnings to treat processed data as untrusted.
- Capability inventory: File: SKILL.md. The agent is tasked with searching codebases, performing log queries, and generating root cause hypotheses and fixes, creating a high-impact feedback loop.
- Sanitization: Absent. No evidence of input filtering or instruction escaping exists in the skill logic.
Recommendations
- AI detected serious security threats
Audit Metadata