Skills
skills/reviewstage/stage-cli/linear-issue/Gen Agent Trust Hub

linear-issue

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the local environment to populate Linear issue fields. Injected content in metadata could result in misleading issues.
  • Ingestion points: Data extracted from args, conversation history, current directory name, and git branch (SKILL.md).
  • Boundary markers: The skill does not provide specific instructions to the agent to ignore or delimit instructions embedded within these context signals.
  • Capability inventory: The skill uses tools to create_issue, list_issues, and update_issue in Linear, and uses gh pr view to fetch PR data.
  • Sanitization: There is no evidence of sanitization or validation of the environmental context before it is interpolated into the issue creation payload.
  • [COMMAND_EXECUTION]: The skill relies on local shell commands (git branch, gh pr view) to gather context for issue creation. These are standard operations for development-focused skills.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 11:56 AM