debug-debug
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes examples of shell commands (
env,security list-keychains,codesign) within a diagnostic context. These are standard developer tools used for troubleshooting environment configuration and code-signing identities in complex software systems. - [DATA_EXFILTRATION]: The instructions suggest gathering evidence by logging data at component boundaries and verifying environment variables (e.g., checking if an
IDENTITYvariable is set). No patterns for sending this information to external or untrusted network destinations were detected. - [PROMPT_INJECTION]: The skill uses strong instructional language (e.g., "The Iron Law", "You MUST complete each phase") to enforce a debugging methodology. This is benign instructional guidance and does not attempt to bypass agent safety filters or override core system instructions.
- [SAFE]: The skill processes untrusted input such as error messages and logs during its root cause investigation phase. While this presents a standard surface for potential indirect prompt injection, the structured four-phase framework and focus on diagnostic instrumentation act as logical safeguards against accidental execution of malicious payloads contained in error data.
Audit Metadata