debug-jlink
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/jlink_debugger.pyusessubprocess.runandsubprocess.Popento launch theJLinkGDBServerandGDBbinaries. These operations are essential for the skill's purpose and are implemented safely using list-based arguments to prevent shell injection.\n- [PROMPT_INJECTION]: The skill has an ingestion surface for indirect prompt injection as it processes external ELF files and executes debugger commands based on user-provided paths. This is a standard and expected pattern for local development and debugging tools.\n - Ingestion points: The tool accepts paths to ELF binaries and GDB executables via command-line arguments in
scripts/jlink_debugger.py.\n - Boundary markers: No explicit boundary markers or "ignore embedded instructions" warnings are used when processing local files.\n
- Capability inventory: The skill executes local subprocesses (GDB, JLinkGDBServer) and writes temporary GDB scripts to the local file system.\n
- Sanitization: The script validates file existence using
pathliband uses list-based command execution (avoidingshell=True) to prevent common command injection vectors.
Audit Metadata