ln-510-quality-coordinator

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface in Phase 4 when launching agent reviews.
      • Ingestion points: External data is ingested from Linear (story/task metadata), git (code diffs), and kanban board files.
      • Boundary markers: The skill uses templates from shared/agents/prompt_templates/review_base.md but lacks explicit delimiters or instructions to ignore embedded commands in the ingested data.
      • Capability inventory: The coordinator can modify code via ln-512, create git commits, and execute various system tools.
      • Sanitization: No evidence of sanitization or escaping of external content is found before interpolation into prompts.
  • [COMMAND_EXECUTION]: The skill executes external development tools and internal scripts. It dynamically detects and runs linters or type-checkers (Phase 6) and executes a vendor-provided Python script (shared/agents/agent_runner.py) to manage background tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 13, 2026, 11:30 PM