linear-implement
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various git and GitHub CLI (gh) commands to manage the development workflow.
- Evidence: Use of git worktree add, git push, and gh pr create as part of the automated implementation process.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from an external source (Linear tickets) to drive agent behavior.
- Ingestion points: Ticket details including Title, Description, and Acceptance Criteria are fetched from Linear (SKILL.md, Step 1).
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' markers when presenting or processing the ticket data.
- Capability inventory: The skill has the capability to write code, run shell-based test suites, create git worktrees, push to remote repositories, and open pull requests.
- Sanitization: There is no mention of sanitizing or validating the content of the ticket fields before they are used to generate implementation plans or PR descriptions. Mitigation is provided via explicit instructions to 'wait for confirmation' from the user before proceeding with the implementation plan and before creating PRs.
Audit Metadata