forensics
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses system inspection commands including
ps,top, andcat /proc/*to analyze the state of the environment and identify causes of process failure. - [DATA_EXFILTRATION]: The skill can export diagnostic findings to GitHub via the
mcp__github__issue_writetool. This functionality is intended for bug reporting and includes a requirement for user confirmation. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes runtime logs that may contain untrusted data. Ingestion points: Log files such as
.gsd/activity/*.jsonland.gsd/journal/*.jsonlare read and analyzed. Boundary markers: The instructions lack specific delimiters or directions to ignore embedded commands within the log files. Capability inventory: The skill has permissions to write to the local filesystem and call external GitHub API tools. Sanitization: No sanitization or filtering of the ingested log content is performed before analysis.
Audit Metadata