endor-troubleshoot
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's workflow and tool usage are well-defined and strictly limited to troubleshooting scan failures using official Endor Labs knowledge bases and documentation.
- [COMMAND_EXECUTION]: Invokes the 'scan' MCP tool on the local repository path to identify configuration errors, dependency issues, and vulnerabilities. This execution is a primary function required for diagnostic purposes.
- [PROMPT_INJECTION]: The skill processes untrusted external data in the form of pasted error logs and automated scan outputs, which creates a surface for indirect prompt injection. Evidence Chain: (1) Ingestion points: Error text input and scan results (SKILL.md); (2) Boundary markers: Absent; (3) Capability inventory: 'scan' MCP tool (SKILL.md); (4) Sanitization: Absent. This surface is necessary for the skill's core troubleshooting logic and is handled as a low-risk functional requirement.