ln-311-agent-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources and incorporates it into agent prompts.
    • Ingestion points: Data is ingested from the Linear API (via get_issue and list_issues) or from local Markdown files (via Read and Glob) representing stories and tasks.
    • Boundary markers: The workflow does not explicitly mention the use of delimiters or 'ignore embedded instructions' warnings when replacing placeholders like {story_ref} and {task_refs} in the story_review.md template.
    • Capability inventory: The skill possesses file read/write capabilities (Read, Save, Glob) and the ability to interact with the Linear API to retrieve issue details.
    • Sanitization: There is no evidence of sanitization or filtering of the ingested story/task content before it is passed to the external review agents.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 09:25 AM