linear-release-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires fetching and parsing the public README on GitHub (https://github.com/linear/linear-release/blob/main/README.md) before generating CI config, so the agent will ingest and act on untrusted, third‑party repository content that can materially influence configuration decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). I flagged https://github.com/linear/linear-release/blob/main/README.md because the skill explicitly instructs "Fetch it before generating any config" and therefore pulls remote README content at runtime which directly shapes the agent's prompts/instructions and the generated CI configuration.