diagnosing-bugs

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to run various commands on the local system, including test suites, CLI tools, curl requests against development servers, and custom reproduction scripts. This is core to the skill's purpose of debugging.
  • [PROMPT_INJECTION]: The skill relies on external data such as user reports and captured network traces (HAR files) to build reproduction scripts, which creates a potential surface for indirect prompt injection.
  • [PROMPT_INJECTION]: Ingestion points: User descriptions, HAR files, and log dumps referenced in Phase 1.
  • [PROMPT_INJECTION]: Boundary markers: The instructions do not define delimiters to isolate external data from the agent's primary instructions.
  • [PROMPT_INJECTION]: Capability inventory: The skill can execute shell commands, run browser automation (Playwright/Puppeteer), and perform file system operations.
  • [PROMPT_INJECTION]: Sanitization: No specific sanitization logic is provided for handling content from external artifacts like trace files.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 17, 2026, 02:22 PM