linear-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill is composed strictly of documentation (SKILL.md) and YAML metadata. It does not include any Python scripts, Node.js packages, or binary executables.
- [External Downloads] (SAFE): The skill references 'https://rube.app/mcp' and 'composio.dev'. These are standard endpoints and documentation links for the Rube/Composio integration. No unauthorized downloads or 'curl | bash' patterns were detected.
- [Indirect Prompt Injection] (LOW): The skill enables the agent to read external data from Linear (issues, comments). This creates a surface for indirect prompt injection where malicious text in a Linear issue could attempt to influence agent behavior. This is a known risk for any tool interacting with external data.
- Ingestion points:
LINEAR_SEARCH_ISSUES,LINEAR_GET_LINEAR_ISSUE(SKILL.md) - Boundary markers: None specified in the instructions.
- Capability inventory: Data modification via
LINEAR_UPDATE_ISSUEandLINEAR_RUN_QUERY_OR_MUTATION. - Sanitization: Not mentioned in the skill; relies on the agent's internal safety filters.
Audit Metadata