error-diagnostics-error-trace
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the analysis of untrusted codebase files, which presents a surface for indirect prompt injection.\n
- Ingestion points: The
ErrorTrackingAnalyzerinresources/implementation-playbook.mdreads content from various project files (e.g.,.js,.py) viaPath.read_text.\n - Boundary markers: There are no specific delimiters or warnings to prevent the agent from following instructions embedded in the analyzed code.\n
- Capability inventory: The environment supports network requests (
fetch,aiohttp) and file system access as demonstrated in the implementation examples.\n - Sanitization: The diagnostic scripts do not perform sanitization on the file content before the agent processes it.\n- [DATA_EXFILTRATION]: The skill provides implementation patterns for transmitting error and performance data to external monitoring services and webhooks. These operations target external domains and include sensitive context. However, the provided code incorporates best practices by implementing redaction for common sensitive keys such as 'password', 'token', and 'api_key'.
Audit Metadata