linear
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses curl to execute GraphQL queries and jq to parse the responses from Linear's API.
- [EXTERNAL_DOWNLOADS]: The skill communicates with api.linear.app, the official API endpoint for the Linear project management service.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it retrieves untrusted text from an external source.
- Ingestion points: Issue descriptions, titles, and comments are fetched in SKILL.md through various search and detail queries.
- Boundary markers: No delimiters or instructions directing the agent to ignore embedded instructions within the data are provided.
- Capability inventory: The agent has the ability to execute network requests (via curl) and perform mutation operations on Linear issues.
- Sanitization: No sanitization of the retrieved text content is performed before it is presented to the agent.
Audit Metadata