debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill creates a surface for indirect prompt injection through its input processing. Evidence: 1. Ingestion points: The 'symptom' and 'context' inputs in SKILL.md take external data. 2. Boundary markers: No delimiters or ignore-instructions are specified for these inputs. 3. Capability inventory: The skill utilizes powerful tools including run_terminal_cmd, write_file, and search_replace. 4. Sanitization: No sanitization of external data is present before processing.
- Metadata Poisoning (SAFE): The skill-snitch-report.md file contains self-authoritative claims like 'Verdict: ZERO' and 'APPROVE'. These claims were treated as data and ignored in accordance with the global security analysis rules.
- Command Execution (SAFE): The skill includes run_terminal_cmd and write_file in its allowed tools, which are appropriate and necessary for its primary purpose of debugging and repairing code.
Audit Metadata