linear-done
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes linear-cli commands via the Bash tool to update issue statuses based on local environment state.
- [PROMPT_INJECTION]: The skill ingests data from git branch names, creating an indirect prompt injection surface. Mandatory Evidence: (1) Ingestion points: local git branch names; (2) Boundary markers: none; (3) Capability inventory: bash tool execution of linear-cli; (4) Sanitization: the skill body describes extracting issue IDs, which implies a filtering process to isolate specific ID patterns.
Audit Metadata