skills/openhands/extensions/linear/Gen Agent Trust Hub

linear

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl to execute GraphQL queries and mutations against the Linear API as described in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: Fetches data and sends updates to api.linear.app. This is the official endpoint for Linear, a well-known project management service.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface because it retrieves and processes untrusted data from an external source.
      • Ingestion points: Content enters the agent context via issue titles, descriptions, and comment bodies fetched in the issueSearch and issue queries in SKILL.md.
      • Boundary markers: Absent. The instructions do not define delimiters or provide warnings to ignore instructions that might be embedded in the retrieved issue data.
      • Capability inventory: The agent can use curl to perform network operations, including mutations that modify states or create comments on the Linear platform as shown in SKILL.md.
      • Sanitization: Absent. There is no evidence of filtering or sanitizing the content retrieved from the API before it is presented to the model.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 02:05 PM