systematic-debugging

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a shell script find-polluter.sh which executes npm test on files discovered via a user-defined pattern. Additionally, the skill provides examples of diagnostic commands (e.g., security list-keychains, codesign) used for debugging complex system failures.
  • [PROMPT_INJECTION]: The skill is designed to analyze untrusted data sources such as error messages, logs, and stack traces (Phase 1: Root Cause Investigation). This creates a surface for indirect prompt injection where instructions embedded in log output could attempt to influence the agent's analysis.
    • Ingestion points: Error messages, logs, and stack traces (SKILL.md).
    • Boundary markers: Absent; the instructions do not specify the use of delimiters when processing external debug data.
    • Capability inventory: The skill possesses the ability to execute shell commands (npm test, diagnostic tools) and read local files.
    • Sanitization: Absent; no explicit sanitization or validation of external log content is defined.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 17, 2026, 02:07 AM