skills/yigitkonur/skills-by-yigitkonur/use-linear-cli/Socket

use-linear-cli

Warn

Audited by Socket on May 10, 2026

1 alert found:

Security

SecuritySKILL.md

MEDIUM

SecurityMEDIUM

SKILL.md

SUSPICIOUS. The skill's functionality matches its stated Linear-automation purpose, but its trust model is weak: it pushes the agent to use a non-official personal CLI and forward Linear credentials to it, while granting broad mutating capabilities. No clear malware or covert exfiltration is shown, but the capability and credential scope are disproportionate versus using Linear's official MCP/API path.

Confidence: 84%Severity: 72%

Audit Metadata

Analyzed At

May 10, 2026, 03:50 PM

Package URL

pkg:socket/skills-sh/yigitkonur%2Fskills-by-yigitkonur%2Fuse-linear-cli%2F@bc5f6315558607b77c105f9266342e5ef4f78c24