debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill uses instructional guardrails like "Iron law" and "NO FIXES WITHOUT" to enforce a task-specific debugging methodology. These are legitimate behavioral constraints and do not attempt to override system safety protocols or extract the system prompt.
- [COMMAND_EXECUTION] (LOW): The skill references a local script
scripts/find-polluter.shfor bisecting test pollution. While this indicates shell command execution, it is presented as a standard utility for the skill's primary purpose of debugging. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill's primary function is to process untrusted data such as bug reports, error logs, and test failures.
- Ingestion points: Data entering via logs or error messages (referenced in 'Use when' section).
- Boundary markers: The skill enforces a four-phase structure (investigate, hypothesize, validate, verify) which serves as a procedural boundary.
- Capability inventory: The skill includes execution of
scripts/find-polluter.shand general 'verification commands'. - Sanitization: No explicit sanitization or escaping of log content is described.
Audit Metadata