Back to skill
Skillv1.0.0
VirusTotal security
Linear · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignMay 1, 2026, 3:04 AM
- Hash
- 92fec196f1d178acf44d010edf4c509800d6ef29addb034c858edeebef71dbbf
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: linear-skill Version: 1.0.0 The skill is designed to manage Linear projects and issues using the official `@linear/sdk`. The `SKILL.md` explicitly includes 'Safety and Operational Rules' instructing the agent 'Do not send data to endpoints outside Linear API scope for this skill,' which actively mitigates prompt injection risks for data exfiltration. The `scripts/linear-cli.js` only accesses the `LINEAR_API_KEY` environment variable and makes calls through the official SDK, showing no signs of unauthorized network activity, file system access, or malicious execution. While the use of `JSON.parse` on command-line arguments could be a robustness vulnerability if untrusted input is provided, it does not indicate malicious intent within the context of an AI agent providing structured input.
- External report
- View on VirusTotal