help-me-debug

Fail

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: HIGHPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The 'Skill Isolation' section contains instructions that attempt to override platform-level orchestration. It directs the agent to act as the 'sole active authority' and to 'suppress' any other skills that might activate during the session.
  • [DATA_EXFILTRATION]: The workflow directs the agent to collect sensitive data, specifically including 'env assumptions' (environment variables), 'config keys', and 'logs'. This information is written to the 'debug_human_report.md' and 'debug_llm_context.md' files, which constitutes exposure of potentially sensitive system secrets and configuration data.
  • [COMMAND_EXECUTION]: The skill instructions mandate 'read-only exploration aggressively' and 'deep codebase investigation', which involves the execution of shell commands to inspect the file system, read manifests, and gather environment details.
  • [PROMPT_INJECTION]: The skill exhibits a significant indirect prompt injection surface. Ingestion points: Processes untrusted logs, error text, and codebase files. Boundary markers: No delimiters or instructions are provided to the agent to distinguish between its instructions and the data being analyzed. Capability inventory: File system read/write access. Sanitization: No instructions are provided to sanitize or filter external content.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jun 17, 2026, 03:14 AM
Security Audit — agent-trust-hub — help-me-debug