systematic-debugging
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Prompt Injection] (LOW): Indirect prompt injection vulnerability surface. The skill instructs the agent to process external, potentially attacker-controlled data during the debugging process.
- Ingestion points: Error messages (Phase 1, Step 1) and component boundary logs (Phase 1, Step 4).
- Boundary markers: Absent; no instruction to use delimiters for external data.
- Capability inventory: Execution of bash commands and file system reading (git diff).
- Sanitization: Absent; no mention of sanitizing or escaping log/error content before processing.
- [Data Exposure & Exfiltration] (LOW): Exposure of sensitive system metadata through diagnostic examples.
- Evidence: The bash examples in SKILL.md (Phase 1, Step 4) include commands such as 'security list-keychains' and 'env | grep IDENTITY'. These commands reveal system keychain configurations and may inadvertently print the values of sensitive environment variables. While intended for diagnostic purposes, they expose the system's security posture.
Audit Metadata