task
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from external platforms including GitHub issues, PRs, and Linear tickets to serve as the source of truth for task execution. This creates a surface for indirect prompt injection where an attacker could place malicious instructions in an issue comment to manipulate the agent's behavior during implementation or verification. Ingestion points: 'gh issue view', 'gh pr view', and Linear integration (SKILL.md).
- [COMMAND_EXECUTION]: The agent is instructed to use powerful CLI tools such as 'gh', 'git', and 'pnpm'. While standard for development, these capabilities could be leveraged if the agent follows malicious instructions from an injected prompt. (SKILL.md)
- [EXTERNAL_DOWNLOADS]: The skill facilitates dependency management through 'pnpm install' and 'pnpm run reinstall' from official registries. (SKILL.md)
Audit Metadata