ln-301-task-creator

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted input data (task descriptions, plans) to generate Linear issues, creating an indirect prompt injection surface.
      • Ingestion points: 'newTaskDescription', 'refactoringPlan', and 'testPlan' inputs from orchestrators.
      • Boundary markers: None identified in the prompt instructions to isolate external task content.
      • Capability inventory: Local codebase scanning via Grep, Linear API issue creation (create_issue), and local file modification (kanban_board.md).
      • Sanitization: No explicit validation, escaping, or instruction-ignoring logic is defined for the input strings.
      • Mitigation: The skill requires explicit user confirmation before proceeding with any state-changing actions.
  • [COMMAND_EXECUTION]: Uses a Grep tool to perform keyword-based codebase scans in the 'src/' directory during the DRY Check phase to detect logic duplication.
  • [EXTERNAL_DOWNLOADS]: Fetches the Mermaid.js library from the well-known JSDelivr CDN in diagram.html to render process diagrams.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 11:56 PM