orca-linear
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill proactively identifies and mitigates the risk of indirect prompt injection from external ticket data.\n
- Ingestion points: Issue data and comments are retrieved from Linear via the
orca linear issueandorca linear searchcommands inSKILL.md.\n - Boundary markers: The skill includes explicit instructions for the agent to treat all Linear fields as untrusted source data.\n
- Capability inventory: The skill can execute
orcacommands to create issues, add comments, attach URLs, and update ticket statuses.\n - Sanitization: The agent is strictly commanded to ignore any instructions or commands that may be embedded within ticket text, comments, or attachments.\n- [COMMAND_EXECUTION]: The skill utilizes the
orcaandorca-ideCLI tools to perform operations on the Linear platform. These commands are used solely for their intended functional purpose of issue tracking and task management.
Audit Metadata