linear

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's scripts make authenticated GraphQL requests to api.linear.app/graphql (see scripts/linear.sh and SKILL.md commands like issue, team, and standup) and directly fetch and display user-generated issue titles/descriptions/comments from Linear, which the agent would read and could be influenced by embedded instructions in that third-party content.