linear-time
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (HIGH): The skill is susceptible to indirect prompt injection.
  1. Ingestion points: Untrusted data enters the context via 'linear-cli tm list' outputs from the external Linear API.
  2. Boundary markers: Absent; no delimiters are used to isolate external content.
  3. Capability inventory: The skill is explicitly permitted to use 'Bash' for command execution.
  4. Sanitization: Absent; the agent may inadvertently follow instructions embedded in issue titles or descriptions during processing.
- COMMAND_EXECUTION (MEDIUM): The skill allows the agent to construct shell commands using data retrieved from external sources (Issue IDs). This creates a risk of command injection if an issue ID or description contains shell metacharacters that break out of the intended command structure.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill relies on 'linear-cli', an unverified third-party CLI tool that is not sourced from a trusted repository defined in the security policy.
Recommendations
- AI detected serious security threats
Audit Metadata