skills/oldwinter/skills/diagnose/Gen Agent Trust Hub

diagnose

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a standard software engineering workflow for bug diagnosis, including reproduction, hypothesis testing, and instrumentation. All recommended actions (e.g., unit tests, curl scripts, git bisect) are common developer practices.
  • [SAFE]: The included bash script scripts/hitl-loop.template.sh is a benign utility designed to facilitate structured communication between the agent and a human user during reproduction steps. It uses safe shell practices, such as printf -v for variable assignment and set -euo pipefail for error handling.
  • [SAFE]: While the skill exhibits an indirect prompt injection surface (Category 8) by processing user-provided bug reports and interactive feedback, this risk is inherent to its primary function as a debugging tool and is not indicative of malicious intent.
  • Ingestion points: User-provided bug reports and inputs captured during the HITL loop in scripts/hitl-loop.template.sh.
  • Boundary markers: None present.
  • Capability inventory: Use of CLI tools, HTTP requests via curl, headless browser automation, and shell script execution.
  • Sanitization: No explicit sanitization of user-provided reproduction steps or symptoms is performed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:29 AM
Security Audit — agent-trust-hub — diagnose