debug-fixed
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
bun ./scripts/stop-collector.mjsto stop a local background process and suggestsrm -rf .debugfor directory cleanup. - [COMMAND_EXECUTION]: The script
scripts/stop-collector.mjsusesprocess.kill()to send SIGTERM and SIGKILL signals to a process ID retrieved from a local file (.debug/collector.pid). - [PROMPT_INJECTION]: The skill uses the
$ARGUMENTSplaceholder to ingest user notes into the prompt context without the use of boundary markers or specific sanitization, creating a surface for indirect prompt injection if user-provided content contains instructions intended to override the agent's workflow.
Audit Metadata