Linear Todo Sync
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [External Downloads] (LOW): The skill requires the installation of external Python packages (requests, python-dotenv, mdutils) to function. While these are common and reputable libraries, they represent external code dependencies.
- [Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from the Linear API and places it into a markdown file that the agent is expected to process. Malicious task descriptions or titles could be used to influence the agent's behavior.
  - (1) Ingestion points: Linear GraphQL API.
  - (2) Boundary markers: The documentation describes a standard markdown structure but does not mention specific delimiters to isolate untrusted content.
  - (3) Capability inventory: The skill is granted Bash, Write, Read, and Glob tools.
  - (4) Sanitization: No sanitization or escaping of the remote content is mentioned in the implementation details.
Audit Metadata