debugging
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were detected in the skill instructions or metadata.
- [COMMAND_EXECUTION]: The skill defines
Bash,Read, andGrepas allowed tools. This is appropriate for a debugging workflow that requires running tests, inspecting logs, and searching source code. - [DATA_EXPOSURE]: While the skill involves reading codebase state and logs, these operations are performed locally within the agent's assigned scope for the purpose of identifying bugs. No external exfiltration patterns are present.
- [INDIRECT_PROMPT_INJECTION]: The skill identifies an attack surface for indirect injection as it processes untrusted data such as application logs and external code.
- Ingestion points: Codebase files, stack traces, and production logs referenced in the workflow (SKILL.md).
- Boundary markers: Not explicitly defined in the workflow instructions.
- Capability inventory:
Read,Grep, andBashare used to interact with the system based on findings. - Sanitization: No specific sanitization or filtering of log content is mandated by the instructions.
- [REMOTE_CODE_EXECUTION]: The skill references a local script
scripts/skill-audit.jsfor grading evaluations, but it does not perform any remote downloads or execute untrusted code from external URLs.
Audit Metadata