lno-prioritize
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external issue trackers.
- Ingestion points: Fetches issue titles and descriptions from Linear and GitHub via MCP integrations (SKILL.md).
- Boundary markers: Absent; there are no clear delimiters or safety instructions provided to the agent to prevent it from following commands potentially embedded in issue descriptions.
- Capability inventory: The agent has tools to fetch and label issues in Linear and GitHub.
- Sanitization: Absent; external data is processed as natural language without escaping or validation.
Audit Metadata