use-linear-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly shows patterns that embed API keys inline in commands (e.g., LINEAR_API_KEY=... linear-cli ...) and instructs using/piping keys in ways that can require the agent to insert secrets verbatim, which is an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflows (e.g., references/recipes/triage-and-comments.md and references/data/attachments-and-uploads.md) instruct the agent to fetch and read user-generated issue bodies, comments, and uploaded files (via linear-cli i get / cm list and linear-cli up fetch from https://uploads.linear.app), which are untrusted third-party content that the agent is expected to interpret and use to drive actions such as triage, labeling, and bulk mutations.