seamless-remote-debugging
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute administrative commands on remote servers using SSH (e.g.,
ssh <ssh_hostname> rhl-cat-log <key>). These operations are intended for debugging services within the Seamless ecosystem and are managed through a specialized helper utility (rhl-guard) designed to restrict command patterns. - [DATA_EXFILTRATION]: The guide describes accessing service logs and status JSON files (
~/.remote-http-launcher/server/). While this involves reading remote data, the access is limited to the application's own execution state and is required for identifying the root cause of server-side failures. - [INDIRECT_PROMPT_INJECTION]: The skill establishes a workflow where an agent ingests and interprets external data from logs and status files. This creates a surface for indirect injection if a compromised process writes malicious instructions to these files.
- Ingestion points: Service log files (
{key}.log) and state JSON files ({key}.json) located on the remote frontend. - Boundary markers: None; the agent is directed to read the raw log output for tracebacks and errors.
- Capability inventory: The agent has the ability to execute remote commands via SSH and delete files (cache clearing).
- Sanitization: No specific sanitization or instruction-ignoring delimiters are provided for the log analysis phase.
Audit Metadata