ln-315-review-merge-worker
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows a structured workflow for data deduplication and verification and does not use dangerous command-execution or network-exfiltration tools. Although it ingests data from external agents (Codex, Gemini), the risk of indirect prompt injection is mitigated by the absence of exploitable capabilities in the skill's environment.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt-injection surface because it processes findings produced by external agents.
  - Ingestion points: Phase 1 instructions load agent findings from Codex and Gemini.
  - Boundary markers: No explicit markers separate instruction context from ingested findings.
  - Capability inventory: The skill is restricted to file operations within the project's local directory (e.g., .hex-skills/) and has no capability for subprocess execution or network requests.
  - Sanitization: No sanitization logic is described for the external inputs before they are evaluated against the architecture gate.