linkly-ai
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The README.md file provides installation instructions for the vendor's CLI tool using standard piped-to-shell patterns (curl ... | sh and irm ... | iex) hosted on the official linkly.ai domain.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various linkly CLI commands to perform search, outline, and read operations on the user's local system.
- [PROMPT_INJECTION]: The skill processes content from local documents which may contain untrusted data or malicious instructions. The skill includes specific warnings to treat document content as untrusted to mitigate potential indirect prompt injection attacks.
- Ingestion points: SKILL.md (via linkly read, linkly grep, and linkly search tools)
- Boundary markers: Absent in the raw data stream but mitigated by explicit safety instructions in SKILL.md
- Capability inventory: SKILL.md (shell command execution of linkly CLI)
- Sanitization: No programmatic sanitization detected; the skill relies on agent compliance with provided safety instructions.
Audit Metadata