Linear
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, deceptive instructions, or unauthorized security bypasses were detected in the skill's implementation.
- [COMMAND_EXECUTION]: Executes legitimate Linear-related operations through Node.js scripts and an optional local CLI integration. The skill uses a shared runner to manage script execution and fallback mechanisms.
- [EXTERNAL_DOWNLOADS]: Fetches official dependencies from the NPM registry and interacts with the official Linear GraphQL API and asset storage. These network operations are essential for the skill's purpose.
- [CREDENTIALS_UNSAFE]: Implements secure handling of the Linear API key by advising the use of environment variables and providing guidance on using secret management tools like
varlockto prevent accidental exposure. - [DATA_EXFILTRATION]: Network activity is confined to communication with the official Linear service infrastructure for issue management and asset hosting. No suspicious data exfiltration or unauthorized external requests were found.
- [PROMPT_INJECTION]: Instructions follow standard patterns for agent automation and do not contain attempts to override core safety filters or manipulate the agent's behavior maliciously.
Audit Metadata