The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or unauthorized commands were detected. The skill's behavior is consistent with its intended use as a project management aid.
[DATA_EXFILTRATION]: The skill accesses external URLs (PRDs) and interacts with the Linear MCP to create tickets. These network operations are core functional requirements and do not involve unauthorized exfiltration of sensitive local data or credentials.
[PROMPT_INJECTION]: The skill ingests untrusted data from external product requirements (URLs, GitHub, or Notion). This represents an indirect prompt injection surface. However, the workflow mitigates this risk through a mandatory approval step ('Quiz the user') before tickets are created. Evidence Chain: 1. Ingestion points: External PRD URLs, Notion pages, or pasted text (Step 1). 2. Boundary markers: XML-style tags are used for rules and templates. 3. Capability inventory: File exploration and Linear ticket creation via MCP. 4. Sanitization: Relies on user verification of proposed slices.

prd-to-tickets