workflow-debugger
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes official vendor resources, including the Duvo public API and domains (duvo.ai), to perform its auditing functions without requesting administrative or write permissions.
- [EXTERNAL_DOWNLOADS]: The skill references the official
@duvoai/cliNode.js package for optional CLI-based operations, which is a standard vendor-provided tool. - [PROMPT_INJECTION]: The skill processes external data such as run history, case titles, and evaluation comments, which presents a surface for indirect prompt injection.
- Ingestion points: Data is ingested from the Duvo platform via operations described in
SKILL.md(e.g.,listRuns,getRevision). - Boundary markers: The instructions do not explicitly define delimiters for separating analyzed data from agent instructions.
- Capability inventory: The skill's capabilities are restricted to read-only API calls; it cannot perform file system writes, arbitrary command execution, or network requests to non-vendor domains.
- Sanitization: No specific sanitization or validation of the retrieved platform data is mentioned in the instructions.
Audit Metadata