x-linear-issues
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (LOW): The skill's prerequisites instruct the user to execute
npx -y mcp-remote https://mcp.linear.app/mcp. This involves downloading and running a remote script/server. Although it targets the official Linear domain, it follows a remote code execution pattern. - Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted external data, which is an attack surface for indirect prompt injection.
- Ingestion points: The workflow specifically targets Obsidian notes, markdown files, and Slack threads (SKILL.md).
- Boundary markers: Absent. There are no explicit delimiters or instructions for the agent to ignore commands that might be embedded in the source documents.
- Capability inventory: The skill possesses write capabilities including
user-linear-create_issue,user-linear-update_issue, anduser-linear-create_comment. - Sanitization: Absent. The instructions do not define any sanitization or validation logic for the text extracted from external documents.
Audit Metadata