dev-debug
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes bash commands to locate reference files and related workflows within the author's plugin cache (~/.claude/plugins/cache/edwinhu-plugins/).
- [COMMAND_EXECUTION]: The main orchestrator executes regression test commands generated by subagents to verify the success of a bug fix, representing a core functional capability.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present where user-provided symptoms and codebase content (read by subagents) can influence subagent output and subsequent agent actions.
  - Ingestion points: User-provided symptoms and project files are processed within the agent context in SKILL.md.
  - Boundary markers: The prompt structure uses section headers and delimiters but lacks explicit instructions to ignore embedded instructions within processed data.
  - Capability inventory: Subagents possess file system access (Read, Write, Edit, Grep) and the ability to propose bash commands for execution by the main agent.
  - Sanitization: No sanitization or validation of external data or subagent-generated commands is performed.
Audit Metadata