linear

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's scripts (scripts/linear-issue.ts and scripts/linear.ts) call the external Linear GraphQL endpoint (https://api.linear.app/graphql) to fetch teams, templates, workflow states, issues and comments—which are user-generated/untrusted—and the docs explicitly state outputs are printed/raw JSON for agent parsing (references/api.md and SKILL.md), so third-party content is read and can directly influence subsequent agent actions.