create-issues
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests task descriptions from an external file and uses them to perform actions in Linear.
- Ingestion points: The skill reads task data from 'docs/project-plan-refined.md'.
- Boundary markers: No explicit delimiters or 'ignore' instructions are used when parsing the external plan file.
- Capability inventory: The skill has permissions to write to the filesystem and interact with the Linear API (create_project, create_issue) via MCP tools.
- Sanitization: There is no evidence of content sanitization or validation of the plan data before it is processed into Linear issues.
Audit Metadata