development
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute local commands for project management and diagnostics.
- Runs
chasecommands for installation (chase install .), error reporting (chase errors), and log retrieval (chase logs). - Executes a local shell script
.agents/skills/linear-curl-issue-ops/scripts/linear_graphql.shto interact with the Linear API. - [DATA_EXFILTRATION]: The skill facilitates communication with the Linear project management service (
linear.app). - Instructs the agent to post implementation summaries, test results, and status updates to Linear tickets. This is a standard and transparent development workflow.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external Linear tickets which could potentially contain malicious instructions.
- Ingestion points: Reads ticket titles, descriptions, and acceptance criteria from
linear.appURLs. - Boundary markers: None explicitly defined to separate external ticket content from system instructions.
- Capability inventory: File system writes (updating
STATUS.md,SPEC.md, etc.) and shell command execution (chase, local scripts). - Sanitization: No explicit sanitization or validation of retrieved ticket content is mentioned.
Audit Metadata