linear
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill utilizes local CLI tools including
mcporter,git, andjqto perform its tasks. - Evidence:
git config user.emailis called to identify the current user for issue filtering. - [PROMPT_INJECTION] (LOW): Potential for indirect prompt injection through external data processing.
- Ingestion points: Reads issue titles, descriptions, and comments from the Linear API via
list_issuesandget_issue(SKILL.md). - Boundary markers: Absent. There are no explicit instructions for the agent to treat data from Linear as untrusted or to ignore embedded instructions.
- Capability inventory: Subprocess execution of
mcporterfor creating/modifying issues and comments (SKILL.md). - Sanitization: None. The agent is encouraged to use issue context to generate descriptions and summaries, which could trigger unwanted actions if an issue contains malicious instructions.
Audit Metadata