verification-before-completion
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by relying on external data sources.
- Ingestion points: Acceptance criteria are read from Linear issues.
- Boundary markers: No delimiters are specified to distinguish instructions from the retrieved issue data.
- Capability inventory: The agent is empowered to execute shell commands (build, lint, test) and manage task states.
- Sanitization: There is no process for validating or sanitizing the issue text before it influences agent behavior.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands locally, including build, lint, and test scripts. These are necessary for the skill's functionality but should be monitored for unexpected command sequences.
Audit Metadata