ln-402-task-reviewer

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill reviews task implementations and descriptions which can be influenced by external actors. It possesses the Bash capability to perform 'Mechanical Verification' (Step 8), creating a surface where malicious project configuration (such as scripts in a package.json) could be executed during the review process. This represents an indirect prompt injection vulnerability surface.
  • Ingestion points: SKILL.md Step 3 (loading tracker data) and Step 4 (reading affected project files).
  • Boundary markers: No explicit delimiters or boundary markers are defined for the data read from external trackers or project files.
  • Capability inventory: The skill uses the 'Bash' tool to run linting and typechecking commands (Step 8) and 'WebFetch' for tracker interaction.
  • Sanitization: No specific sanitization or validation of the commands detected via 'ci_tool_detection.md' is mentioned before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 08:29 PM