Debugging
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its data ingestion process.
- Ingestion points: SKILL.md defines an intake phase that accepts untrusted user input for 'Problem Description', 'Error Message / Stack Trace', and 'Attachments' (logs/configs).
- Boundary markers: The skill lacks instructions to wrap user-provided data in delimiters or use 'ignore instructions' directives for the interpolation of user-provided content.
- Capability inventory: The agent is directed to perform file reads and log analysis based on the ingested data across the codebase, and has the capability to write 'Debug Report' files to the local filesystem in '.agent/debugs/'.
- Sanitization: No sanitization or validation of the input content is performed beyond a basic presence and coherence check, which does not prevent malicious instructions from being executed by the agent.
Audit Metadata