bug-reproduction-validator
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it systematically processes untrusted data in the form of bug reports. A malicious actor could embed instructions within a report to influence the agent's actions during reproduction.
  - Ingestion points: Bug reports and issue descriptions enter the agent context (SKILL.md).
  - Boundary markers: Absent. The prompt lacks explicit delimiters to segregate user-provided data from system instructions.
  - Capability inventory: The agent can perform file exploration, examine logs and databases, and interact with the UI via the agent-browser CLI.
  - Sanitization: Absent. There is no mention of filtering or validating the content of the reports before investigation.
Audit Metadata