chase-log-debug
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'chase' command-line utility to perform system diagnostics, including project description, error log matching, and log tailing. These operations are local and serve the skill's documented primary purpose.
- [PROMPT_INJECTION]: The skill interacts with untrusted data from application logs, which presents a surface for indirect prompt injection. * Ingestion points: The agent reads log content from '.logs/*.log' via 'chase errors' and 'chase logs', and from '.debug/latest.md'. * Boundary markers: No explicit markers or safety instructions are used to distinguish log content from system instructions. * Capability inventory: The skill allows the agent to execute specific 'chase' CLI subcommands and read from the local filesystem. * Sanitization: There is no evidence of log content sanitization or validation before the agent processes it.
- [SAFE]: No malicious patterns such as credential theft, obfuscation, or persistence mechanisms were identified in the skill instructions.
Audit Metadata