systematic-debugging
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill provides shell script templates for diagnostic purposes (Phase 1, Step 4). This encourages the agent to generate and execute shell commands based on its analysis of the system, which can be exploited if the analysis is influenced by malicious input.
- [CREDENTIALS_UNSAFE] (HIGH): The diagnostic examples include sensitive commands like 'security list-keychains' and 'security find-identity -v'. These commands access cryptographic identity information and keychain paths on macOS. An attacker could use a technical issue as a pretext to trick the agent into running these and reporting the results.
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to indirect prompt injection. The core instructions require the agent to 'Read Error Messages Carefully' and process stack traces. If an attacker can influence that input (e.g., via a malicious web page causing a specific console error or a manipulated log file), they can inject instructions that the agent may follow while executing the debugging protocol.
Recommendations
- AI detected serious security threats
Audit Metadata