debug
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to read and follow a workflow defined in
.agents/workflows/debug.md, which creates an indirect prompt injection surface. - Ingestion points:
.agents/workflows/debug.md(referenced inSKILL.md). - Boundary markers: Absent; the instructions do not include delimiters or warnings to ignore potentially malicious embedded instructions in the workflow file.
- Capability inventory: The debugging workflow (reproduce, diagnose, fix, test) implies the use of file-read, file-write, and subprocess-execution capabilities.
- Sanitization: Absent; the skill does not validate or sanitize the content of the referenced workflow file.
- [NO_CODE]: The skill consists exclusively of instructions in markdown format and does not include any scripts or executable files.
Audit Metadata