debug
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs extensive shell command execution for environment inspection and process management using utilities like docker, git, and curl.
- [COMMAND_EXECUTION]: The skill programmatically generates and executes temporary reproduction scripts, diagnostic probes, and test files within the local environment.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external, potentially untrusted data from error signals and test outputs.
- Ingestion points: The $ARGUMENTS variable in SKILL.md receives external error signals.
- Boundary markers: Absent; no delimiters are used to separate user data from instructions.
- Capability inventory: File system read/write, shell command execution, and browser automation capabilities are present.
- Sanitization: Absent; ingested data is not validated or escaped.
- [EXTERNAL_DOWNLOADS]: The skill references cloning Open Source repositories from GitHub to a local cache directory for code research.
Audit Metadata