debug-agent
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill is designed to analyze potentially untrusted external data such as error logs and stack traces and use that analysis to perform high-impact actions like source code modification and command execution.\n
- Ingestion points: External data enters the context during the "Understand" and "Reproduce & Diagnose" phases from logs and evidence provided in bug reports, as documented in resources/execution-protocol.md and resources/bug-report-template.md.\n
- Boundary markers: The skill does not provide instructions to use delimiters (like XML tags or markdown blocks) or specific safety prompts to ignore potentially malicious instructions embedded in the logs or reports being analyzed.\n
- Capability inventory: The agent has the capability to modify the filesystem ("Apply minimal fix") and execute shell commands ("Write a regression test" and "run tests"), as outlined in SKILL.md and resources/execution-protocol.md.\n
- Sanitization: No sanitization, escaping, or validation of external input is required before the data influences the agent's decision-making process during the debugging loop.
Audit Metadata