Linear Attachments
Pass
Audited by Gen Agent Trust Hub on Jun 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill contains architectural guidance and code snippets for interacting with Linear's official API.
- [COMMAND_EXECUTION]: Although the skill configuration includes 'Bash' in its allowed-tools, the documentation does not contain any instructions or scripts that perform shell operations. The code examples focus exclusively on standard API interactions.
- [DATA_EXFILTRATION]: Network communication is directed toward official Linear endpoints and well-known services such as GitHub and Microsoft Graph. The skill correctly identifies that asset URLs require authentication and should not be shared publicly.
- [CREDENTIALS_UNSAFE]: The skill demonstrates secure secret management by explicitly instructing the use of environment variables for API keys rather than hardcoding sensitive credentials in the source code.
Audit Metadata