Linear

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflows (SKILL.md and api.md, plus scripts like scripts/query.ts and the MCP configuration) instruct the agent to fetch and read Linear workspace data via the Linear GraphQL API and MCP server (e.g., issue/project descriptions, comments, and external resource links), which are user-generated content that the agent is expected to interpret and use to drive actions (create/update issues, set statuses, choose labels), so untrusted third-party content can materially influence tool decisions.