rollbar
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it ingests untrusted data from an external source (Rollbar logs).
  1. Ingestion points: Error messages and stack traces are retrieved via 'rollbar items', 'rollbar context', and 'rollbar occurrence' commands.
  2. Boundary markers: The skill documentation does not provide delimiters or instructions to the agent to treat the retrieved log data as untrusted content.
  3. Capability inventory: The skill has command execution capabilities via 'Bash(rollbar *)'.
  4. Sanitization: There is no evidence of data sanitization or filtering applied to the external log content before it is processed by the AI.
- [COMMAND_EXECUTION] (SAFE): The skill uses the 'rollbar' CLI tool. Command execution is restricted to the 'rollbar' binary, limiting the risk of arbitrary code execution.