ln-523-auto-test-planner
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches shared reference files and environment state contracts from the author's official GitHub repository (github.com/levnikolaevich/claude-code-skills) when local copies are unavailable.\n- [DATA_EXFILTRATION]: Accesses story descriptions and manual test results from the Linear task management platform or local filesystem to gather context for test planning.\n- [PROMPT_INJECTION]: The skill processes untrusted input from story comments and manual test results, creating a surface for potential indirect prompt injection.\n
- Ingestion points: linear
list_comments,Read story.md, and local glob patterns for task files.\n - Boundary markers: Not explicitly defined for the isolation of untrusted data.\n
- Capability inventory: Writes validation artifacts to
.hex-skills/and delegates complex task creation to sub-skills (ln-301, ln-302).\n - Sanitization: Includes structural validation using regex to verify the completeness and state of manual test results.
Audit Metadata