Trust Assessment
linear received a trust score of 68/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. The key findings are "Skill exposes shell command execution with user-controlled arguments" (critical) and "Skill requests broad access to Linear API" (medium).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Detail | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Skill exposes shell command execution with user-controlled arguments | The skill's primary interface, as described in SKILL.md, involves executing `node skills/linear/scripts/linear-cli.js` with various arguments. Many of these arguments are intended to be dynamic and derived from user input (e.g., project names, issue descriptions, JSON filters). If these arguments are not properly sanitized or shell-escaped by the LLM before constructing the command string, or by the `linear-cli.js` script itself, a malicious user could inject arbitrary shell commands. This could lead to remote code execution on the host system. | Implement robust shell escaping for all user-provided arguments before constructing and executing the `node` command. Ensure that the `linear-cli.js` script also sanitizes and escapes any arguments it uses in further shell commands or `eval` calls. Consider using a safer method for inter-process communication than direct shell command construction with interpolated strings. | LLM | SKILL.md:22 |
| MEDIUM | Skill requests broad access to Linear API | The skill's manifest and description explicitly state that it "Supports all Linear operations" and is designed to "Manage Linear projects, issues, and tasks via the Linear API." This indicates that the underlying `linear-cli.js` script likely operates with broad permissions (e.g., a highly privileged API key). While this might be necessary for its intended functionality, it significantly increases the potential impact (blast radius) if the skill is compromised (e.g., via command injection) or misused. | Review the principle of least privilege for the Linear API key used by `linear-cli.js`. Restrict API key permissions to only what is strictly necessary for the skill's advertised functions. If full access is truly required, ensure robust security controls are in place to prevent misuse or compromise. | LLM | SKILL.md:1 |
Full report: https://skillshield.io/report/4451559defd16aa4