multi-version-compliance

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external content to drive its automation logic.
  • Ingestion points: The agent reads potentially untrusted text from Linear issue descriptions, comments (via mcp__linear-server__get_issue), and GitHub pull request diffs (via gh pr diff).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external content as untrusted data or to ignore embedded instructions.
  • Capability inventory: The skill leverages Bash, Write, and Edit tools, enabling it to execute commands and modify the local codebase based on recommendations parsed from external sources.
  • Sanitization: There is no evidence of validation or sanitization applied to the text retrieved from external task management or version control systems.
  • [EXTERNAL_DOWNLOADS]: The skill retrieves data and code fragments from trusted and well-known services.
  • Downloads issue data and developer comments from the official Linear service.
  • Fetches pull request diffs and state information from the authoritative nrwl/nx repository on GitHub.
  • [COMMAND_EXECUTION]: The skill uses shell commands to verify compliance and interact with repository tooling.
  • Executes npx nx test to run plugin test suites after modifications.
  • Utilizes the GitHub CLI (gh) to query PR metadata and content.
  • Uses git for branch management and local diff evaluation during the review and implementation phases.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 07:59 PM
Security Audit — agent-trust-hub — multi-version-compliance