linear
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess.run to interact with the linearis CLI and the Linear GraphQL API via curl. These operations are performed using structured argument lists, which is a secure practice that prevents shell injection.
- [EXTERNAL_DOWNLOADS]: The skill requires the linearis CLI, which is a common utility for Linear integration. This is an expected external dependency for the skill's functionality.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its core function of retrieving external content from Linear.
  - Ingestion points: Untrusted data enters the context via the read-ticket.py, search-issues.py, and list-issues.py scripts which query the Linear API.
  - Boundary markers: Absent. The scripts do not use specific markers to delineate retrieved ticket content from system instructions.
  - Capability inventory: The skill includes commands for modifying tickets, projects, and documents across multiple scripts.
  - Sanitization: No content filtering or instruction-stripping is performed on the data retrieved from the API.
Audit Metadata