reproduce-bug
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data from Linear tickets to create test cases.
- Ingestion points: The skill accepts ticket titles, descriptions, and comments via
$ARGUMENTS(Step 1). - Boundary markers: There are no explicit markers or instructions to treat the ticket content as untrusted data.
- Capability inventory: The agent is instructed to write files (Step 7) and execute shell commands such as
pnpm testandpnpm build(Step 8). - Sanitization: No sanitization or validation of the ticket input is specified before it is used to generate executable test code.
- [Dynamic Execution] (LOW): The skill explicitly directs the agent to generate and run new code at runtime.
- Description: Steps 7 and 8 involve creating new test files (
.tsor.js) and executing them. Although dynamic code generation is typically a MEDIUM risk, it is the primary purpose of this bug-reproduction framework, justifying a downgrade to LOW severity. - [Command Execution] (SAFE): The skill uses standard development commands like
pnpm test,pnpm build, andgit log. These are used appropriately within the context of a software development environment.
Audit Metadata