scrum-conductor
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection Surface. The skill is designed to automatically ingest and synthesize untrusted data from external sources, creating a risk that malicious instructions embedded in PRs or chat logs could influence agent behavior.
  - Ingestion points: Git logs, PR descriptions, Slack messages, Microsoft Teams messages, and Jira/Linear tickets as defined in `SKILL.md` and `references/daily-rituals.md`.
  - Boundary markers: None identified; there are no specified delimiters to separate untrusted telemetry data from agent system instructions.
  - Capability inventory: The skill has the ability to trigger other agent tools via `activate_skill` and run local scripts such as `scripts/sync-github-to-linear.ts`.
  - Sanitization: No mentions of input validation or sanitization are present in the provided protocols.
Audit Metadata