ln-513-regression-checker
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill builds and executes shell commands for various test frameworks (pytest, jest, vitest, go test). It specifically prioritizes exact commands found in 'docs/project/runbook.md', allowing for arbitrary command execution based on file content.
- [DATA_EXFILTRATION]: The worker reads project infrastructure documentation ('docs/project/infrastructure.md') and runbooks to extract service endpoints, port allocations, and environment variables. These details are used to configure the test environment but involve processing potentially sensitive technical data.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through untrusted project files.
- Ingestion points: Reads instructions and commands from 'docs/project/runbook.md', 'docs/project/infrastructure.md', and framework-specific configuration files (e.g., pytest.ini, package.json).
- Boundary markers: None implemented; commands from the runbook are given priority over automated safety checks or detection logic.
- Capability inventory: Capability to execute arbitrary shell commands via the detected test framework CLI and post results to the Linear API.
- Sanitization: No evidence of input validation or escaping for commands extracted from project documentation before execution.
Audit Metadata