linear-project-status

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.78). The skill ingests outsider-authored free text from Linear at runtime—specifically mcp__claude_ai_Linear__get_status_updates (status update bodies), mcp__claude_ai_Linear__list_comments (project-level comment bodies), and mcp__claude_ai_Linear__list_issues (issue descriptions/comments fields if present)—which can include arbitrary text written by non-operating users and is then placed into the agent’s LLM context for analysis.