issue-troubleshooting
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a utility script
scripts/find-polluter.shdesigned to locate tests that cause filesystem pollution. This script executesnpm teston local files matching a user-provided pattern. This is a legitimate functional requirement for a troubleshooting tool but involves direct shell command execution. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and act upon untrusted external data.
- Ingestion points: The agent is instructed to read and analyze error messages, stack traces, and Git diffs in SKILL.md (Phase 1).
- Boundary markers: The instructions lack explicit boundary markers or directives to ignore instructions that might be embedded within processed logs or code.
- Capability inventory: The skill allows for local command execution (via
find-polluter.sh) and file system analysis across the project. - Sanitization: There is no evidence of sanitization or validation of the ingested error data before it is processed by the agent.
Audit Metadata