bugfix
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted user input, including bug descriptions and error logs, which are interpolated into task instructions for parallel agents (debugger and verification-planner).
- Ingestion points: The skill extracts 'Bug description' and 'Error output' from user input in Step 1.1 of SKILL.md.
- Boundary markers: No explicit delimiters or 'ignore' instructions are used to wrap user-provided data within the agent prompt templates.
- Capability inventory: The execution environment permits 'Bash', 'Write', and 'Edit' operations, which are accessible via the allowed tools list and the invoked execute skill.
- Sanitization: No explicit validation or sanitization logic is present for user-provided strings before they are incorporated into the 'spec.json' file or passed to subprocess tasks.
- [COMMAND_EXECUTION]: The skill frequently executes shell commands via the 'hoyeon-cli' for session management, specification initialization, and validation. These are standard operations for the skill's intended purpose of orchestrating a debugging workflow.
Audit Metadata