ln-510-test-planner

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The file diagram.html loads the Mermaid.js library from an external CDN (https://cdn.jsdelivr.net/npm/mermaid@10/dist/mermaid.min.js). While Mermaid is a reputable tool, fetching scripts from external domains at runtime is a dependency risk.
  • PROMPT_INJECTION (LOW): The skill is vulnerable to indirect prompt injection (Category 8) as it parses untrusted external data to drive its orchestration logic.
    • Ingestion points: The skill reads Linear comments to check for research and testing status in Phase 2 and Phase 3.
    • Boundary markers: The skill relies on specific string headers (e.g., '## Test Research:') which can be spoofed by any user with comment access to the Linear story, potentially tricking the orchestrator into skipping mandatory testing phases.
    • Capability inventory: The orchestrator has the ability to invoke multiple sub-agents using the Task tool.
    • Sanitization: The skill mitigates risk by using subagent_type: "general-purpose" for worker invocation, which provides context isolation between the orchestrator and the specialized workers.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:04 PM