forge-debugger

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill autonomously runs shell commands such as forge lint, forge deploy, and forge logs to diagnose and fix application issues.
  • [PROMPT_INJECTION]: The skill includes an execution mandate directing the agent to bypass standard user confirmation protocols and apply fixes immediately.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection when processing unvalidated data from application logs and command output.
    • Ingestion points: forge logs output and CLI error messages.
    • Boundary markers: Absent.
    • Capability inventory: Shell command execution and source code modification.
    • Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS]: The installation process clones a repository from the official Atlassian Labs account on Bitbucket and installs the @forge/cli package from npm.
  • [REMOTE_CODE_EXECUTION]: The skill executes npm install and npm run build in the local directory, which triggers scripts defined in the project's local configuration.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 10:42 AM