Skills
skills/spartan-stratos/spartan-ai-toolkit/service-debugging/Gen Agent Trust Hub

service-debugging

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute a series of diagnostic commands, such as git log, curl for health checks, psql for database connectivity tests, and grep for log analysis. These are standard utilities for backend service troubleshooting.
  • [DATA_EXFILTRATION]: The skill includes instructions to inspect environment variables using env | grep -i "DB_\|API_\|SECRET_". While this accesses sensitive configuration data (exposure), it is done locally for the purpose of verifying environment setup. There are no commands that transmit this data to external or untrusted domains.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads untrusted data from application logs and source code files.
  • Ingestion points: Application logs (logs/app.log) and Kotlin source files (src/*.kt) are read via grep and Read tools.
  • Boundary markers: None are specified in the instructions to separate external data from the agent's internal reasoning.
  • Capability inventory: The agent has access to Bash, Grep, and Read tools, allowing it to execute commands and read/search files.
  • Sanitization: The skill does not include instructions for sanitizing or escaping the content read from logs or source code before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 01:07 PM