debug
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is susceptible to indirect prompt injection as it ingests untrusted data from error logs and codebase files. Evidence Chain: 1. Ingestion points: Error messages and bug descriptions defined in the process section of SKILL.md. 2. Boundary markers: No delimiters or warnings are present to isolate the processed data from instructions. 3. Capability inventory: The skill has the capability to read local files and execute grep and git commands. 4. Sanitization: There is no evidence of data sanitization or validation of the input content.
- Command Execution (SAFE): The skill uses grep and git for source code searching and version history analysis, which is appropriate for a debugging tool and not indicative of malicious behavior.
- Data Exposure & Exfiltration (SAFE): No patterns of hardcoded credentials, access to sensitive configuration files, or unauthorized network exfiltration were identified.
Audit Metadata