linear-comments
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
linear-clicommands to manage Linear issue comments, which is its primary and intended functionality. - [PROMPT_INJECTION]: The skill reads untrusted data from an external source when listing comments, establishing an indirect prompt injection surface.
- Ingestion points: Results from the
linear-cli cm listcommand inSKILL.md. - Boundary markers: None present in the instructions.
- Capability inventory: Linear comment management (list, create, update, delete) via
linear-cli. - Sanitization: No explicit sanitization or filtering of external comment data is performed.
Audit Metadata