Skills
skills/finesssee/linear-cli/linear-cycles/Gen Agent Trust Hub

linear-cycles

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the linear-cli command-line tool to interact with the Linear API for managing sprint cycles. This tool is a vendor-owned resource provided by the author.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to how it handles external data.
  • Ingestion points: The skill retrieves cycle information (list, get) from the Linear API, which is then processed by the agent.
  • Boundary markers: No delimiters or specific instructions are used to separate untrusted external data from the agent's core instructions.
  • Capability inventory: The skill has the capability to list, create, update, delete, and complete cycles using shell commands.
  • Sanitization: There is no evidence of sanitization or content validation for data retrieved from the Linear API before it enters the prompt context.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 11:21 AM