Does it support OAuth 2.0 for user-facing apps?

Yes, it includes a complete flow for initiating authorization, handling callbacks with state validation to prevent CSRF, and managing secure token exchanges.

How are Linear webhooks secured using this skill?

It implements timing-safe HMAC SHA256 signature verification to ensure incoming webhooks actually originate from Linear and haven't been tampered with.

How does this skill help with Linear API keys?

It provides patterns to move keys from hardcoded strings to secure environment variables and implements validation checks to prevent runtime errors.

Can I use this for production environment hardening?

Absolutely. It includes best practices like token encryption at rest, 5-minute buffer token refreshing, and secret rotation logic designed for production stability.

Linear API Security & OAuth

Name: Linear API Security & OAuth
Author: micsapp

bymicsapp

0•

보안 및 테스팅

Hardens Linear integrations by implementing secure API key management, OAuth 2.0 flows, and timing-safe webhook verification.

This skill provides specialized guidance for building secure, production-grade integrations with Linear. It automates the implementation of industry-standard security practices, including environment-variable-based secret management, robust OAuth 2.0 authentication flows with CSRF protection, encrypted token storage, and timing-safe webhook verification. Whether you are building a internal tool or a multi-tenant SaaS application, this skill ensures your Linear connection remains secure and compliant with modern security best practices.

주요 기능

01API Key Rotation Patterns

02Timing-Safe Webhook Signature Verification

03Encrypted Token Storage and Auto-Refresh

04Secure Environment Variable Configuration

050 GitHub stars

06OAuth 2.0 Implementation with State Validation

사용 사례

01Auditing existing Linear apps for security vulnerabilities

02Implementing secure webhooks for real-time task updates

03Setting up a new Linear integration with proper authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills linear-security-basics

For use in Claude.ai and ChatGPT

주요 기능

01API Key Rotation Patterns

02Timing-Safe Webhook Signature Verification

03Encrypted Token Storage and Auto-Refresh

04Secure Environment Variable Configuration

050 GitHub stars

06OAuth 2.0 Implementation with State Validation

사용 사례

01Auditing existing Linear apps for security vulnerabilities

02Implementing secure webhooks for real-time task updates

03Setting up a new Linear integration with proper authentication

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills linear-security-basics

For use in Claude.ai and ChatGPT