har-debugger
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes external data from .har files that could contain malicious instructions.
  - Ingestion points: The har_file input parameter allows the agent to read external JSON data (SKILL.md).
  - Boundary markers: Absent. The skill does not provide delimiters or instructions to treat the HAR content strictly as data.
  - Capability inventory: The skill parses the HAR file and extracts text from potentially attacker-controlled fields such as status texts, response headers, and response bodies (SKILL.md).
  - Sanitization: Absent. The workflow extracts and correlates content directly without filtering or sanitization.