linear
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from Linear issue titles and descriptions, which is then presented to the agent. This content could contain malicious instructions intended to influence the agent's behavior.
  - Ingestion points: Issue details and metadata retrieved through the linear.sh script.
  - Boundary markers: No specific delimiters or safety warnings are implemented in the markdown examples to isolate external issue content.
  - Capability inventory: The skill can execute shell commands via git and the GitHub CLI (gh), and perform writes to the Linear API (comments, status updates).
  - Sanitization: There is no evidence of input sanitization or validation in the provided documentation or script references.
Audit Metadata