ln-400-story-executor
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (e.g.,
git branch,git worktree) to automate environment setup for specific tasks. These operations are limited to the local repository context and are essential for the skill's orchestration functionality. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests task descriptions from external sources. Ingestion points: Linear API (
list_issues,get_issue) and local Markdown files. Boundary markers: Extracts metadata using specific field patterns (e.g.,**Status:**). Capability inventory: Can execute git commands, modify files, and delegate to other skills. Sanitization: Employs a mandatory review loop via a separate reviewer skill (ln-402) and utilizes isolated sub-agent contexts for task executors, mitigating the impact of potentially malicious task content. - [SAFE]: The skill demonstrates safe orchestration patterns, relying on local reference files for configuration and maintaining strict worktree isolation for all development activities.
Audit Metadata