root-cause-tracing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill utilizes a shell script (find-polluter.sh) that executes local test files through 'npm test'. This constitutes arbitrary code execution within the environment.
- [PROMPT_INJECTION] (HIGH): This skill is vulnerable to Indirect Prompt Injection (Category 8). An attacker can place malicious code or instructions within test files that the agent is then likely to execute during debugging.
- Ingestion points: find-polluter.sh (line 21) discovers files based on user-provided patterns.
- Boundary markers: Absent. The agent is not instructed to verify or isolate the code being executed.
- Capability inventory: find-polluter.sh (line 44) executes 'npm test' on found files; the skill also suggests running shell pipelines for instrumentation.
- Sanitization: Absent. There is no validation of the content or origin of the files being executed.
Recommendations
- AI detected serious security threats
Audit Metadata