start-task
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and recommends the installation of the `linear-cli` from a third-party GitHub repository (github.com/schpet/linear-cli) if the tool is missing from the environment. While common for this workflow, the repository is not from a verified organization.
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources (Linear issue descriptions and comments) which could contain malicious instructions designed to influence agent behavior during the planning phase.
  - Ingestion points: Data enters the context via `linear issue view $ISSUE_ID` output as described in `SKILL.md`.
  - Boundary markers: Absent. The skill does not use specific delimiters or instructions to ignore embedded commands within the fetched issue data.
  - Capability inventory: The agent has access to `Bash` (executing git and linear commands), `Read`, `Glob`, and `Grep` tools.
  - Sanitization: Absent. There is no evidence of filtering or validation of the content retrieved from the Linear API before it is used to generate implementation plans.
Audit Metadata