managing-linear
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `npx` command throughout its workflow to execute the `linearis` CLI tool.
- [EXTERNAL_DOWNLOADS]: The skill downloads the `linearis` package from the npm registry using `npx -y`. Additionally, it includes functionality to download file embeds from remote Linear asset URLs to the local filesystem.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it ingests and processes untrusted content from an external source (Linear API).
  - Ingestion points: Data enters the context via `npx -y linearis issues read`, `npx -y linearis comments create` (reading existing context), and `npx -y linearis documents read` as described in `references/cli-reference.md`.
  - Boundary markers: None. The skill does not instruct the agent to use delimiters or ignore embedded instructions when reading content from Linear.
  - Capability inventory: The skill has access to the `Bash` tool, allowing it to execute shell commands and write files to the `/tmp` directory.
  - Sanitization: No sanitization, escaping, or validation of the external content is performed before it is presented to the agent.
Audit Metadata