linear-sdk-telemetry-labeler
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No instructions were found that attempt to bypass AI safety constraints or override core agent behavior.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill interacts exclusively with the Linear API through configured MCP tools.
- [REMOTE_CODE_EXECUTION]: No patterns of remote script execution or dynamic code evaluation were identified.
- [COMMAND_EXECUTION]: The skill uses specific, restricted tools (query_data, get_issue, save_issue) to perform its tasks. It does not attempt to execute arbitrary shell commands.
- [EXTERNAL_DOWNLOADS]: The skill references the official Linear MCP server repository on GitHub, which is a well-known and expected source for this integration.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-generated content from Linear issues (titles and descriptions). It follows a structured workflow that uses keyword heuristics and requires human verification of the proposed labels before execution, providing a strong defense against instruction injection within issue text.
Audit Metadata