debug
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an inherent surface for indirect prompt injection because it is designed to ingest and analyze untrusted data sources like application logs and source code. This is a common characteristic of debugging tools.
- Ingestion points: Application logs (e.g.,
logs/*.log,app.log) and source code files (*.py,*.js) accessed via theReadtool. - Boundary markers: No explicit instructions or delimiters are provided to the agent to distinguish untrusted file content from system instructions.
- Capability inventory: The skill utilizes the
Bash,Read,Grep, andGlobtools, providing shell command and file system access. - Sanitization: There is no evidence of sanitization or filtering of the ingested external content.
- [COMMAND_EXECUTION]: The skill recommends executing
env | grep -i appto gather information. While a standard debugging practice, this may inadvertently expose sensitive credentials if they are stored in environment variables matching the search string.
Audit Metadata