pp-linear
Pass
Audited by Gen Agent Trust Hub on May 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the
linear-pp-clitool usingnpx -y @mvanhorn/printing-pressandgo install github.com/mvanhorn/printing-press-library/.... Both sources are under the author's namespace and are required for the skill's functionality. - [COMMAND_EXECUTION]: The skill requires the use of the
Read Bashtool to execute various subcommands of thelinear-pp-clibinary. This is the intended behavior for interacting with the Linear API and local store. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. 1. Ingestion points: issue data retrieved from Linear GraphQL API (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: execution of CLI via
Read Bashtool and issue creation/update mutations. 4. Sanitization: use of--agentflag for structured JSON output helps minimize accidental interpretation of content.
Audit Metadata