release-notes

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to fetch issue data and metadata from the Linear API (api.linear.app). This is a well-known service and the operation is consistent with the skill's primary purpose.
  • [COMMAND_EXECUTION]: The skill executes python3 to run an included script (generate_docx.py) for document generation. It also utilizes git commands for branch analysis and curl for API interaction.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external Linear issue titles and descriptions.
      • Ingestion points: The skill fetches issue and sub-issue content from the Linear GraphQL API via curl.
      • Boundary markers: No explicit delimiters or specific instructions are provided to the agent to disregard instructions embedded within the fetched Linear data.
      • Capability inventory: The agent has the capability to modify source files (whatsNew.ts), execute a Python script, and write files to the project root.
      • Sanitization: The skill performs basic HTML cleaning for formatting purposes but lacks robust sanitization to prevent adversarial instructions in the issue metadata from influencing the agent's behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 25, 2026, 11:14 AM