skills/seqis/openclaw-skills-converted-from-claude-code/agent-issue-investigator/Gen Agent Trust Hub
agent-issue-investigator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines access to a
Bashtool, allowing the agent to execute shell commands to reproduce and trace bugs. - [EXTERNAL_DOWNLOADS]: The agent is equipped with
WebFetchandWebSearchtools, enabling it to retrieve content from external websites for investigation context. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) as it processes untrusted bug reports and has access to high-privilege tools.
- Ingestion points: Input bug reports, test failures, and incident descriptions as specified in
SKILL.md. - Boundary markers: No specific delimiters are used to isolate untrusted user data from the agent's instructions.
- Capability inventory: The agent has access to
Bash,Write,Edit, andWebFetchtools. - Sanitization: There is no evidence of input validation or sanitization to prevent the agent from executing instructions embedded in the input reports.
Audit Metadata