linear-project-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill exhibits a vulnerability surface where it treats external data as high-authority instructions.
  - Ingestion points: The skill reads `.claude/rules/linear/README.md` from the user's project directory.
  - Boundary markers: Absent. The instructions explicitly state this file is the 'single source of truth' and that the agent 'MUST' follow its conventions.
  - Capability inventory: The skill has write access to the user's Linear instance via `mcp__linear-server__create_project`.
  - Sanitization: None. There is no validation to ensure the README content does not contain malicious instructions meant to hijack project creation or subagent tasks.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file access (e.g., SSH keys), or suspicious network requests were detected.
- Remote Code Execution (SAFE): The skill does not download external scripts or packages, and it does not use dynamic execution functions like eval or exec.
Audit Metadata