skills/ascend-ai-coding/awesome-ascend-skills/external-gitcode-ascend-auto-bug-fixer/Gen Agent Trust Hub
external-gitcode-ascend-auto-bug-fixer
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform Git operations, specifically using
git bisectcommands (start,bad,good) to traverse commit history and locate the origin of bugs. These are standard developer operations within the scope of a bug-fixing tool. - [EXTERNAL_DOWNLOADS]: The documentation and example output format include references to installing specific Python packages (
mindstudio-probeandtb_graph_ascend) which are part of the vendor's specialized debugging toolset for Ascend hardware. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and analyze potentially untrusted external data, such as error logs and reproduction steps, which could contain adversarial instructions.
- Ingestion points: The agent reads
error_phenomenon,reproduce_steps, andcode_change_infofrom external or user-provided sources (File: SKILL.md). - Boundary markers: The skill uses structured Markdown templates for its analysis reports but does not explicitly instruct the agent to ignore or delimit embedded instructions within the ingested data.
- Capability inventory: The agent has the capability to execute shell commands (via Git) and generate executable test scripts for multiple frameworks (pytest, gtest, etc.).
- Sanitization: No specific sanitization or filtering logic is defined for the input data, leaving the agent dependent on its internal safety guardrails.
Audit Metadata