linear-dev-accelerator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation instructs users to install and run the '@linear/mcp-server' package via npm and npx. While '@linear' is not on the predefined list of trusted organizations, the package is a standard and essential dependency for the skill's primary purpose of Linear integration. The severity is downgraded to LOW based on the primary purpose rule.
- [PROMPT_INJECTION] (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8) as it processes data from an external source (Linear).
- Ingestion points: Data retrieved from Linear using tools like 'list_issues' and 'list_cycles'.
- Boundary markers: The documentation does not specify boundary markers or instructions to ignore instructions embedded in the issue descriptions or comments.
- Capability inventory: The skill includes tools to create and update issues, comments, and projects ('create_issue', 'update_issue', 'create_comment', 'create_project', 'update_project'), allowing an agent to modify state based on potentially injected instructions.
- Sanitization: There is no evidence of sanitization or validation of the content retrieved from Linear before it is processed by the agent.
Audit Metadata