linear-automation

SUSPICIOUS: the skill's core purpose is coherent, but it routes Linear authentication and data through a third-party managed MCP service, overstates setup simplicity, and exposes a broad custom GraphQL action surface. This is not confirmed malware, but it carries high trust and credential-routing risk compared with a direct Linear integration.