linear-debug-bundle

Provides a comprehensive toolkit for debugging Linear API integrations, enhancing logging and tracing capabilities.

Install this skill

or

36/100

Security score

The linear-debug-bundle skill was audited on May 12, 2026 and we found 20 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 68

Template literal with variable interpolation in command context

SourceSKILL.md

68	console.log(`[Linear:DEBUG] >>> ${label}`);

medium line 73

Template literal with variable interpolation in command context

SourceSKILL.md

73	console.log(`[Linear:DEBUG] <<< ${label} (${ms}ms) OK`);

medium line 78

Template literal with variable interpolation in command context

SourceSKILL.md

78	console.error(`[Linear:DEBUG] !!! ${label} (${ms}ms) FAILED:`, error);

medium line 109

Template literal with variable interpolation in command context

SourceSKILL.md

109	const id = `trace-${Date.now()}-${Math.random().toString(36).slice(2, 6)}`;

medium line 234

Template literal with variable interpolation in command context

SourceSKILL.md

234	envCheck.issues.forEach(i => console.error(` - ${i}`));

medium line 253

Template literal with variable interpolation in command context

SourceSKILL.md

253	console.log(`${v.name} (${v.email})`);

medium line 258

Template literal with variable interpolation in command context

SourceSKILL.md

258	t.nodes.forEach(team => console.log(` ${team.key}: ${team.name}`));

medium line 263

Template literal with variable interpolation in command context

SourceSKILL.md

263	i.nodes.forEach(issue => console.log(` ${issue.identifier}: ${issue.title}`));

medium line 275

Template literal with variable interpolation in command context

SourceSKILL.md

275	console.error(`Error: ${e.message}`);

medium line 317

Template literal with variable interpolation in command context

SourceSKILL.md

317	console.log(`${label}: avg=${avg}ms, max=${max}ms (${runs} runs)`);

medium line 299

Curl to non-GitHub URL

SourceSKILL.md

299	curl -s -X POST https://api.linear.app/graphql \

low line 218

Webhook reference - potential data exfiltration

SourceSKILL.md

218	if (!process.env.LINEAR_WEBHOOK_SECRET) {

low line 219

Webhook reference - potential data exfiltration

SourceSKILL.md

219	issues.push("WARNING: LINEAR_WEBHOOK_SECRET not set (webhooks won't verify)");

low line 85

Access to .env file

SourceSKILL.md

85	const client = new LinearClient({ apiKey: process.env.LINEAR_API_KEY! });

low line 208

Access to .env file

SourceSKILL.md

208	const apiKey = process.env.LINEAR_API_KEY;

low line 218

Access to .env file

SourceSKILL.md

218	if (!process.env.LINEAR_WEBHOOK_SECRET) {

low line 222

Access to .env file

SourceSKILL.md

222	if (process.env.NODE_ENV === "production" && apiKey?.includes("dev")) {

low line 299

External URL reference

SourceSKILL.md

299	curl -s -X POST https://api.linear.app/graphql \

low line 327

External URL reference

SourceSKILL.md

327	- [Linear API Status](https://status.linear.app)

low line 328

External URL reference

SourceSKILL.md

328	- [Node.js Performance Hooks](https://nodejs.org/api/perf_hooks.html)

Scanned on May 12, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

claude claude-code codex frontend design git api testing backend backend-developer devops-sre technical-pm linear development product

jeremylongshore/claude-code-plugins-plus-skills