linear
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from an external source.
- Ingestion points: The
scripts/linear.shscript fetches issue titles, descriptions, and comments from the Linear GraphQL API. - Boundary markers: The skill does not use delimiters or instructions to prevent the agent from obeying commands embedded in fetched Linear content.
- Capability inventory: The skill performs network operations via
curland can modify state in Linear. - Sanitization: No sanitization or filtering is performed on the data retrieved from the API before it is presented to the agent.
Audit Metadata