d3k
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Command Execution: The skill utilizes the
d3kCLI to perform various debugging tasks. This includes viewing combined logs, analyzing error contexts, and finding component source code. These operations are essential for its purpose as a debugging assistant. - Indirect Prompt Injection Surface: The skill processes external data from logs and web applications, which is a known vector for indirect instructions.
- Ingestion points: Data enters the context via commands like
d3k errors,d3k logs, and browser interaction commands such asd3k crawlord3k agent-browser open. - Boundary markers: The provided instructions do not explicitly specify the use of delimiters or "ignore previous instruction" markers for the processed log data.
- Capability inventory: The agent has the ability to execute
d3kCLI commands and write screenshot files to the local system. - Sanitization: No specific sanitization or filtering of the ingested log or web content is described in the skill definition.
- File System Operations: The skill writes screenshots to the
/tmp/directory (e.g.,/tmp/before.png). This is a routine operation for capturing visual states during development and debugging workflows.
Audit Metadata