linear
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- General Security Posture (SAFE): The skill provides a standard interface for interacting with the Linear API through the Refly workflow engine. Analysis of the execution steps shows no unauthorized command execution, data exfiltration, or credential harvesting.
- Indirect Prompt Injection Surface (LOW): As an 'action' category skill, it ingests user-provided text for issue titles and descriptions. While these are interpolation points for untrusted data, the skill acts as a pass-through to a structured API, and the risk of exploitation within the agent context is minimal.
- Dependency Analysis (SAFE): The skill utilizes the
reflyCLI and standard utilities likejqfor processing JSON output, which are expected tools within this ecosystem.
Audit Metadata