skills/sammcj/agentic-coding/performing-systematic-debugging-for-stubborn-problems/Gen Agent Trust Hub
performing-systematic-debugging-for-stubborn-problems
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted external content with high-privilege capabilities.
  - Ingestion points: The process involves reading and performing a "line-by-line walkthrough" of source code in Phase 2, and documenting symptoms from external logs in Phase 1.
  - Boundary markers: No boundary markers or delimiters are defined to separate untrusted data from the agent's instructions, nor are there warnings to ignore embedded natural language commands within the data.
  - Capability inventory: The skill explicitly authorizes the agent to use tools to "read files", "search code", "run tests", "check logs", and ultimately "proceed to implement the proposed solutions" (write/modify files).
  - Sanitization: There is no evidence of sanitization, escaping, or validation of the code or logs before processing.
  - Impact: An attacker could embed malicious instructions in code comments or log files. If the agent follows these instructions during its "systematic inspection," it could be coerced into running dangerous tests, leaking data via logs, or modifying the codebase in a malicious way.
Recommendations
- AI detected serious security threats
Audit Metadata