ln-521-test-researcher
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes untrusted data from external web searches and Linear stories, which could contain malicious instructions designed to influence the research summary or subsequent agent actions.
  - Ingestion points: External data enters the agent context during Phases 3, 4, and 5 (Web Search results from Reddit, StackOverflow, etc.) and Phase 2 (Story details from Linear).
  - Boundary markers: The skill instructions do not define any specific delimiters or instructions to ignore embedded commands within the fetched external data.
  - Capability inventory: The skill can read local repository files (kanban_board.md, references/), perform web searches, and write comments to the Linear API.
  - Sanitization: No explicit sanitization, validation, or filtering of the retrieved external content is specified before the data is used to compile findings.