linear-favorites
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes the Bash tool to execute
linear-clicommands for listing, adding, and removing favorites. No suspicious or unauthorized command patterns were detected. - Indirect Prompt Injection (LOW): The skill processes data from Linear (issue IDs and project information) which is an untrusted external source. 1. Ingestion points: Data entering the agent context via the output of
linear-cli fav list. 2. Boundary markers: None present in the command examples. 3. Capability inventory: Includes the ability to modify Linear favorites via add/remove commands. 4. Sanitization: No sanitization or validation of the CLI output is performed before it is handled by the agent.
Audit Metadata