linear-issues
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the `linearis` package from the npm registry. This tool is a community-maintained CLI used to interact with the Linear API.
- [COMMAND_EXECUTION]: The skill relies on executing shell commands through the `linearis` CLI for ticket operations and `jq` for parsing and filtering the resulting JSON data.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes issue descriptions and comments which originate from external users and are potentially untrusted.
  - Ingestion points: Issue descriptions and comments retrieved from `linearis issues read`, `list`, and `search` commands.
  - Boundary markers: Absent; ticket content is interpolated directly into the debugging context and shell variables (e.g., `ISSUE_DESC`).
  - Capability inventory: The skill has the ability to execute shell commands (`linearis`, `jq`) and write files to the local file system.
  - Sanitization: No sanitization, escaping, or validation is performed on the retrieved ticket content before it is displayed or processed.
- [DATA_EXFILTRATION]: The skill frequently writes Linear issue data to the `/tmp` directory (e.g., `/tmp/linear-issues-$(date +%Y%m%d).json`). This exposes potentially sensitive project information to other users or processes on the same system.
Audit Metadata