sync
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides legitimate automation for project management, helping developers keep their Git state and Linear boards in sync.
- [COMMAND_EXECUTION]: It uses the Bash tool to run Git and Linear CLI commands required for status checking and synchronization. Evidence:
git log,git branch,linear issue update. - [EXTERNAL_DOWNLOADS]: Suggests the installation of a third-party Linear CLI from
github.com/schpet/linear-cliif the tool is not found locally. This is a common utility for Linear users. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted text from development artifacts.
- Ingestion points: Git commit logs, branch names, and Linear issue descriptions.
- Boundary markers: Absent.
- Capability inventory: Execution of Bash commands for Git and Linear operations.
- Sanitization: Does not perform explicit sanitization of text ingested from external project data.
Audit Metadata