linear-milestones
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute project management tasks via the linear-cli utility.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to how it handles external data. • Ingestion points: Arguments such as project names, milestone IDs, names, and target dates are ingested into shell commands. • Boundary markers: No delimiters or specific instructions are provided to the agent to treat these inputs as data rather than commands. • Capability inventory: The skill has the capability to execute commands via the Bash tool. • Sanitization: There is no evidence of input validation, escaping, or sanitization before the data is passed to the shell environment.
Audit Metadata