Skills
skills/davila7/claude-code-templates/linear-automation/Gen Agent Trust Hub

linear-automation

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs the agent to connect to an external Model Context Protocol (MCP) server endpoint at https://rube.app/mcp for tool definitions and command execution.
  • [COMMAND_EXECUTION]: Provides the LINEAR_RUN_QUERY_OR_MUTATION tool, enabling the execution of arbitrary GraphQL strings. This capability allows the agent to perform any operation supported by the Linear API, bypassing the structure of specific tools.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection, as it processes content (titles, descriptions, comments) from the Linear workspace which could contain malicious instructions.
  • Ingestion points: Linear data is retrieved using tools such as LINEAR_GET_LINEAR_ISSUE, LINEAR_SEARCH_ISSUES, and LINEAR_LIST_LINEAR_ISSUES.
  • Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded directives when processing ticket content.
  • Capability inventory: The skill allows creating and updating issues, projects, labels, and comments, and executing arbitrary mutations via GraphQL.
  • Sanitization: No validation or sanitization of the retrieved external content is specified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 12:57 PM