requirements-ticket-agent
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection.
- Ingestion points: Processes raw user requests and JSON content from prior handoff comments (SKILL.md).
- Boundary markers: Utilizes markdown comments and JSON code blocks to separate handoff context, though these provide no protection against adversarial content.
- Capability inventory: Possesses the ability to write configuration files to the repository root and perform ticket operations on external trackers via MCP tools.
- Sanitization: No explicit sanitization or validation of untrusted user input or handoff data is specified before it is used in logic or external tool calls.
- [COMMAND_EXECUTION]: The skill performs file system modifications and interacts with external services.
- Writes and manages the /orchestra-config.json configuration file at the repository root.
- Executes operations on external issue tracking platforms like Linear through the Model Context Protocol (MCP).
Audit Metadata