ln-513-regression-checker
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes shell commands to run test suites including pytest, npm test, and go test. Commands are derived from auto-discovery or the project's runbook.md file.
- [EXTERNAL_DOWNLOADS]: Fetches markdown reference files from the author's GitHub repository (github.com/levnikolaevich/claude-code-skills) when local files are missing. This is used for input resolution, tool detection, and output normalization patterns.
- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection (Category 8) as the skill processes untrusted data from project documentation and test logs.
  - Ingestion points: Reads project documentation (docs/project/infrastructure.md, docs/project/runbook.md) and captures stdout/stderr from test processes.
  - Boundary markers: The skill does not implement specific delimiters or instructions to isolate the ingested test outputs from the agent's core instructions.
  - Capability inventory: Executes shell commands via subprocess and posts comments to the Linear platform.
  - Sanitization: Test outputs are parsed for results but are not sanitized or validated before being included in the agent context.
Audit Metadata