bugzilla
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with official Mozilla domains (`bugzilla.mozilla.org`) to perform bug tracking operations. These communications are directed to a well-known and trusted service for the intended primary purpose of the skill.
- [DATA_EXPOSURE]: API credentials are managed via the `BUGZILLA_API_KEY` environment variable. This is a standard security practice that avoids hardcoding secrets in scripts or configuration files.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from an external source (bug reports and comments) which can be manipulated by third parties.
  - Ingestion points: Bug summaries, descriptions, and comments are fetched via the REST API in `bz.py` and displayed to the agent.
  - Boundary markers: The script does not utilize explicit delimiters or markers to distinguish external bug content from internal instructions when outputting to the agent.
  - Capability inventory: The skill has the ability to write results to local files using the `--output` parameter and perform network operations against the Bugzilla API.
  - Sanitization: There is no evidence of sanitization or filtering of the fetched content to prevent embedded instructions from influencing agent behavior.
Audit Metadata