agent-bug-hunter
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to execute commands for bug reproduction, testing, and verification. While these capabilities are essential for a bug-hunting specialist, they allow for arbitrary command execution on the host environment. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it lacks protection when processing untrusted content.
- Ingestion points: The agent ingests untrusted data from the local codebase (scanning for bugs) and external sources via the
WebSearchandWebFetchtools. - Boundary markers: The instructions do not define delimiters or provide specific 'ignore' instructions for content retrieved from external web sources or within code comments.
- Capability inventory: The agent has access to highly privileged tools including
Bash(shell execution) andWrite/Edit/MultiEdit(file system modification). - Sanitization: There is no evidence of data sanitization or validation before external content is incorporated into the agent's context or used to inform tool calls.
Audit Metadata