Linear Attachments

Pass

Audited by Gen Agent Trust Hub on Jun 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill contains architectural guidance and code snippets for interacting with Linear's official API.
  • [COMMAND_EXECUTION]: Although the skill configuration includes 'Bash' in its allowed-tools, the documentation does not contain any instructions or scripts that perform shell operations. The code examples focus exclusively on standard API interactions.
  • [DATA_EXFILTRATION]: Network communication is directed toward official Linear endpoints and well-known services such as GitHub and Microsoft Graph. The skill correctly identifies that asset URLs require authentication and should not be shared publicly.
  • [CREDENTIALS_UNSAFE]: The skill demonstrates secure secret management by explicitly instructing the use of environment variables for API keys rather than hardcoding sensitive credentials in the source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 8, 2026, 12:01 PM
Security Audit — agent-trust-hub — Linear Attachments