triage-workflow
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The helper scripts in the scripts/ directory use subprocess.run() with list-based arguments to interact with git, gh, and linearis. This implementation avoids shell interpolation and protects against command injection from user-provided ticket titles or descriptions.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references reputable third-party tools (GitHub CLI, Linearis, OpenSpec) and provides standard installation procedures for these dependencies.
- [DATA_EXFILTRATION] (SAFE): While the workflow involves interacting with API tokens (e.g., ~/.linear_api_token), the analysis confirms that no data is transmitted to non-whitelisted or suspicious domains. Communication is restricted to the legitimate APIs of the tools used.
- [PROMPT_INJECTION] (SAFE): No instructions designed to override AI safety filters or exfiltrate system prompts were found in the skill's documentation or markdown files.