workflow-debugger

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill utilizes official vendor resources, including the Duvo public API and domains (duvo.ai), to perform its auditing functions without requesting administrative or write permissions.
  • [EXTERNAL_DOWNLOADS]: The skill references the official @duvoai/cli Node.js package for optional CLI-based operations, which is a standard vendor-provided tool.
  • [PROMPT_INJECTION]: The skill processes external data such as run history, case titles, and evaluation comments, which presents a surface for indirect prompt injection.
  • Ingestion points: Data is ingested from the Duvo platform via operations described in SKILL.md (e.g., listRuns, getRevision).
  • Boundary markers: The instructions do not explicitly define delimiters for separating analyzed data from agent instructions.
  • Capability inventory: The skill's capabilities are restricted to read-only API calls; it cannot perform file system writes, arbitrary command execution, or network requests to non-vendor domains.
  • Sanitization: No specific sanitization or validation of the retrieved platform data is mentioned in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 01:16 PM
Security Audit — agent-trust-hub — workflow-debugger