kairos-bug-report
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill collects interaction traces and performs health checks on service endpoints. It mitigates risks by explicitly instructing the agent to redact secrets, tokens, and cookies before saving the report to a local file.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests external tool output (MCP traces) for reporting. It uses fenced code blocks as boundary markers and mandates the redaction of sensitive content as a sanitization measure before the data is written to the filesystem.
- [COMMAND_EXECUTION]: The skill requests an HTTP GET call to a service health endpoint. This is a standard diagnostic action for bug reporting and does not involve unauthorized command execution or privilege escalation.
Audit Metadata