syncing-linear
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes content from
definition.mdanddesign.mdto generate structured descriptions and titles for Linear issues. This ingestion of untrusted data could be exploited if those files contain malicious instructions designed to manipulate the agent's behavior during the synchronization process. - Ingestion points:
definition.mdanddesign.mdlocated indocs/issues/YYYY-MM-DD-<slug>/. - Boundary markers: Absent. The skill does not define clear delimiters or include 'ignore embedded instructions' warnings when reading the source artifacts.
- Capability inventory: The agent can list teams, create/update issues, and create/update documents via the
linear-servertoolset. - Sanitization: Absent. The instructions focus on formatting and summarizing the content but do not mandate sanitization or escaping of the input data to prevent injection attacks.
Audit Metadata