lcs-debug-ext
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill explicitly prohibits the agent from applying any code changes or modifying source, test, or configuration files, ensuring that the operation remains diagnostic and non-destructive.
- [SAFE]: All generated artifacts are restricted to specific, timestamped work-item directories within
.lcs/work-items/, which prevents unauthorized file writes to the project root or other sensitive directories. - [SAFE]: The 'hitl-loop.template.sh' script is a benign helper tool designed to facilitate manual observation notes and does not include any malicious command execution patterns.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted external data such as logs and error messages, creating a potential surface for indirect prompt injection.
- Ingestion points: Error messages, stack traces, logs, and HAR files are ingested as context in Phase 1 and Phase 2.
- Boundary markers: The skill requires the agent to separate user claims from observed output and code evidence, reducing the risk of accidental obedience to instructions embedded in logs.
- Capability inventory: The agent can execute reproduction commands and write to dedicated output directories.
- Sanitization: The workflow mandates a cleanup checklist and documentation of any temporary instrumentation, ensuring transparency and remediation of temporary changes.
Audit Metadata