linear-audit

Route audit findings to Linear as issues. Reads the most recent audit report from docs/audits/, parses findings at warning severity or above, and creates Linear issues in the project's configured team. Requires Linear MCP server to be available.

5 stars

Best use case

linear-audit is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Route audit findings to Linear as issues. Reads the most recent audit report from docs/audits/, parses findings at warning severity or above, and creates Linear issues in the project's configured team. Requires Linear MCP server to be available.

Teams using linear-audit should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/linear-audit/SKILL.md --create-dirs "https://raw.githubusercontent.com/ajcpwnz/tricycle-pro/main/core/skills/linear-audit/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/linear-audit/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How linear-audit Compares

Feature / Agentlinear-auditStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Route audit findings to Linear as issues. Reads the most recent audit report from docs/audits/, parses findings at warning severity or above, and creates Linear issues in the project's configured team. Requires Linear MCP server to be available.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Linear Audit Output Skill

## When to use this Skill

This skill is invoked automatically by the `/trc.audit` command when configured on the audit step:

```yaml
workflow:
  blocks:
    audit:
      skills:
        - linear-audit
```

You can also invoke it manually via `/linear-audit` after running an audit.

## Prerequisites

- **Linear MCP server** must be configured and running. Check `.mcp.json` for a `linear-server` entry.
- **An audit report** must exist in `docs/audits/`. This skill reads the most recent report.
- **Linear team** must be configured. Check project memory or config for the team name/ID.

## Execution Steps

### 1. Check Linear MCP Availability

Verify that Linear MCP tools are available by checking if `mcp__linear-server__save_issue` is callable.

- If available: proceed.
- If NOT available: output "Linear MCP not available — audit findings remain in docs/audits/ only." and STOP. Do not error — this is expected graceful degradation.

### 2. Find the Most Recent Audit Report

Look for the newest file in `docs/audits/` matching the pattern `audit-*.md`. Read its contents.

- If no audit report exists: output "No audit report found in docs/audits/. Run `/trc.audit` first." and STOP.

### 3. Parse Findings

Extract all findings from the report that have severity **critical** or **warning**. For each finding, capture:
- **Severity**: critical or warning
- **Rule/criterion**: what was violated
- **File**: path and line number
- **Evidence**: the code snippet
- **Recommendation**: suggested fix

Skip **info** severity findings — they are observations, not actionable issues.

### 4. Determine Linear Team

Read the project's Linear team configuration. Check in order:
1. Project memory files for a Linear team reference
2. `tricycle.config.yml` for a `linear.team` field
3. If neither found: list available teams via Linear MCP and ask the user to confirm which team to use

### 5. Create Linear Issues

For each finding (critical and warning):

**Issue title**: `[Audit] <severity>: <rule/criterion> in <filename>`

**Issue body**:
```
## Audit Finding

**Severity**: <critical|warning>
**Rule**: <rule or criterion violated>
**File**: <path:line>

### Evidence
\`\`\`
<code snippet>
\`\`\`

### Recommendation
<suggested fix>

---
*Created by `/trc.audit` on YYYY-MM-DD*
```

**Issue labels**: Add "audit" label if it exists in the team. If not, create it.

**Priority**: Map severity — critical → Urgent, warning → High.

### 6. Report Results

Output a summary:
- Number of issues created
- Link to each created issue (if Linear MCP returns URLs)
- Any findings that failed to create (with error details)

## Things to Avoid

- Do not create duplicate issues — if an issue with the same title already exists in the team, skip it and note "already tracked."
- Do not create issues for info-level findings — those are informational only.
- Do not fail the entire skill if one issue creation fails — continue with remaining findings and report errors at the end.

Related Skills

qa-run

5
from ajcpwnz/tricycle-pro

Run QA test suites against the local dev stack using Chrome DevTools and Playwright MCPs. Verifies environment, executes test flows, monitors for network errors, writes results, and creates Linear tickets for failures.

deploy-watch

5
from ajcpwnz/tricycle-pro

Monitor GitHub Actions deploy workflows after merging a PR to staging. Polls until all deploys complete, diagnoses failures, and reports results.

tdd

5
from ajcpwnz/tricycle-pro

Red-Green-Refactor test-driven development workflow. Guides the agent through writing failing tests first, then implementing code to pass them, then refactoring while keeping tests green.

document-writer

5
from ajcpwnz/tricycle-pro

Document generation skill for creating DOCX, PDF, PPTX, and other formatted documents. Guides structured content creation with proper formatting, headings, tables, and professional presentation.

debugging

5
from ajcpwnz/tricycle-pro

Structured debugging workflow: reproduce, isolate, trace, fix, verify. Use when investigating bugs, unexpected behavior, or test failures. Guides systematic root-cause analysis instead of trial-and-error.

code-reviewer

5
from ajcpwnz/tricycle-pro

PR review, quality audit, and security checks. Invoke when reviewing code changes before merging or pushing. Performs structured review covering correctness, security, performance, and maintainability.

catholic

5
from ajcpwnz/tricycle-pro

Apply reverent, faith-inspired Christian verbiage to non-code artifacts. Invoke when generating specs, plans, task lists, READMEs, or other documentation to infuse them with blessings, gratitude, and references to divine guidance. Never applies to source code or config files.

cairo-auditor

9
from cartridge-gg/nums

Systematic Cairo/Starknet security audit workflow with deterministic preflight, parallel vector specialists, adversarial reasoning, and strict false-positive gating.

skill-audit

9
from exiao/skills

Audit and score any skill against best practices. Use when: audit this skill, review this skill, check this skill, score this skill, is this skill good, skill health check, skill review, rate this skill. Takes a skill directory path, evaluates structure/content/patterns against a checklist, and outputs a scorecard with specific fixes.

audit

9
from exiao/skills

Run technical quality checks across accessibility, performance, theming, responsive design, and anti-patterns. Generates a scored report with P0-P3 severity ratings and actionable plan. Use when the user wants an accessibility check, performance audit, or technical quality review.

aso-audit

9
from exiao/skills

When the user wants a full ASO health audit, review their App Store listing quality, or diagnose why their app isn't ranking. Also use when the user mentions "ASO audit", "ASO score", "why am I not ranking", "listing review", or "optimize my app store page". For keyword-specific research, see keyword-research. For metadata writing, see metadata-optimization.

security-auditor

9
from cofin/flow

Use when reviewing authentication, authorization, user input, secrets, API keys, database queries, file uploads, session management, external API calls, OWASP risks, or data handling attack surface.