debug
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it is designed to read and analyze external file content, such as code and logs, which could contain malicious instructions.
  - Ingestion points: Workflow Step 1 in SKILL.md involves reading files using the Read, Grep, and Bash tools.
  - Boundary markers: No explicit markers or instructions to ignore embedded commands are present in SKILL.md.
  - Capability inventory: The skill uses tools like Bash, Edit, SendMessage, and TeamCreate, as documented in SKILL.md.
  - Sanitization: No evidence of sanitization of the ingested file content is present.
- [COMMAND_EXECUTION]: The skill uses the Bash tool for routine debugging tasks such as checking repository status and running test suites, which is consistent with its stated purpose.
- [DATA_EXFILTRATION]: The skill has the capability to read files and send messages; however, the prompt constraints require user approval and verified observations, which helps prevent unauthorized data exfiltration.
Audit Metadata