zubo 0.1.0

package/src/tools/builtin-integrations/google/google_drive/handler.ts

@@ -0,0 +1,106 @@
+const API = "https://www.googleapis.com/drive/v3";
+
+async function getToken(): Promise<string> {
+  const Zubo = (globalThis as any).Zubo;
+  if (Zubo?.getGoogleToken) return Zubo.getGoogleToken();
+  throw new Error("Google is NOT connected. Use google_oauth with action 'start' to set up Google.");
+}
+
+function safeApiErr(status: number, statusText: string, service: string): string {
+  return JSON.stringify({ error: `${service} API error: ${status} ${statusText}` });
+}
+
+export default async function (input: Record<string, unknown>): Promise<string> {
+  let token: string;
+  try {
+    token = await getToken();
+  } catch (err: any) {
+    return JSON.stringify({
+      error: err.message,
+      action_required: "Google is NOT connected. The user needs to complete the OAuth 2.0 flow. " +
+        "Ask the user for their Google OAuth client_id (ends with .apps.googleusercontent.com) " +
+        "and client_secret (starts with GOCSPX-), then use google_oauth tool with action 'start'.",
+    });
+  }
+
+  const { action, file_id, name, parent_id, query, page_size } = input as {
+    action: string;
+    file_id?: string;
+    name?: string;
+    parent_id?: string;
+    query?: string;
+    page_size?: number;
+  };
+
+  const headers: Record<string, string> = {
+    Authorization: `Bearer ${token}`,
+    "Content-Type": "application/json",
+  };
+
+  try {
+    switch (action) {
+      case "list": {
+        const qs = new URLSearchParams({
+          pageSize: String(page_size || 20),
+          fields: "files(id,name,mimeType,size,modifiedTime,webViewLink)",
+        });
+        if (query) qs.set("q", query);
+        const res = await fetch(`${API}/files?${qs}`, { headers });
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Drive");
+        const data = (await res.json()) as any;
+        return JSON.stringify(
+          (data.files || []).map((f: any) => ({
+            id: f.id,
+            name: f.name,
+            type: f.mimeType,
+            size: f.size,
+            modified: f.modifiedTime,
+            url: f.webViewLink,
+          }))
+        );
+      }
+
+      case "create_folder": {
+        if (!name) return JSON.stringify({ error: "name is required for create_folder" });
+        const metadata: any = {
+          name,
+          mimeType: "application/vnd.google-apps.folder",
+        };
+        if (parent_id) metadata.parents = [parent_id];
+        const res = await fetch(`${API}/files`, {
+          method: "POST",
+          headers,
+          body: JSON.stringify(metadata),
+        });
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Drive");
+        const folder = (await res.json()) as any;
+        return JSON.stringify({ id: folder.id, name: folder.name });
+      }
+
+      case "get": {
+        if (!file_id) return JSON.stringify({ error: "file_id is required for get" });
+        const qs = new URLSearchParams({
+          fields: "id,name,mimeType,size,modifiedTime,webViewLink,description",
+        });
+        const res = await fetch(`${API}/files/${file_id}?${qs}`, { headers });
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Drive");
+        const f = (await res.json()) as any;
+        return JSON.stringify({
+          id: f.id,
+          name: f.name,
+          type: f.mimeType,
+          size: f.size,
+          modified: f.modifiedTime,
+          description: f.description,
+          url: f.webViewLink,
+        });
+      }
+
+      default:
+        return JSON.stringify({ error: `Unknown action: ${action}` });
+    }
+  } catch (err: any) {
+    console.error(`[Google Drive] Request failed: ${err.message}`);
+    return JSON.stringify({ error: "Google Drive request failed. Check logs for details." });
+  }
+}

package/src/tools/builtin-integrations/google/google_sheets/SKILL.md

@@ -0,0 +1,36 @@
+# google_sheets
+
+Manage Google Sheets: create, read, append rows, and update cells. Requires a Google API key stored as `google_api_key`.
+
+## Input Schema
+
+```json
+{
+  "type": "object",
+  "properties": {
+    "action": {
+      "type": "string",
+      "enum": ["create", "read", "append", "update"],
+      "description": "The action to perform"
+    },
+    "spreadsheet_id": {
+      "type": "string",
+      "description": "The spreadsheet ID (required for read, append, update)"
+    },
+    "title": {
+      "type": "string",
+      "description": "Spreadsheet title (required for create)"
+    },
+    "range": {
+      "type": "string",
+      "description": "Cell range in A1 notation, e.g., 'Sheet1!A1:D10' (required for read, append, update)"
+    },
+    "values": {
+      "type": "array",
+      "items": { "type": "array", "items": {} },
+      "description": "2D array of values to write (required for append and update)"
+    }
+  },
+  "required": ["action"]
+}
+```

package/src/tools/builtin-integrations/google/google_sheets/handler.ts

@@ -0,0 +1,116 @@
+const API = "https://sheets.googleapis.com/v4/spreadsheets";
+
+async function getToken(): Promise<string> {
+  const Zubo = (globalThis as any).Zubo;
+  if (Zubo?.getGoogleToken) return Zubo.getGoogleToken();
+  throw new Error("Google is NOT connected. Use google_oauth with action 'start' to set up Google.");
+}
+
+function safeApiErr(status: number, statusText: string, service: string): string {
+  return JSON.stringify({ error: `${service} API error: ${status} ${statusText}` });
+}
+
+export default async function (input: Record<string, unknown>): Promise<string> {
+  let token: string;
+  try {
+    token = await getToken();
+  } catch (err: any) {
+    return JSON.stringify({
+      error: err.message,
+      action_required: "Google is NOT connected. The user needs to complete the OAuth 2.0 flow. " +
+        "Ask the user for their Google OAuth client_id (ends with .apps.googleusercontent.com) " +
+        "and client_secret (starts with GOCSPX-), then use google_oauth tool with action 'start'.",
+    });
+  }
+
+  const { action, spreadsheet_id, title, range, values } = input as {
+    action: string;
+    spreadsheet_id?: string;
+    title?: string;
+    range?: string;
+    values?: unknown[][];
+  };
+
+  const headers: Record<string, string> = {
+    Authorization: `Bearer ${token}`,
+    "Content-Type": "application/json",
+  };
+
+  try {
+    switch (action) {
+      case "create": {
+        if (!title) return JSON.stringify({ error: "title is required for create" });
+        const res = await fetch(API, {
+          method: "POST",
+          headers,
+          body: JSON.stringify({ properties: { title } }),
+        });
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Sheets");
+        const sheet = (await res.json()) as any;
+        return JSON.stringify({
+          spreadsheet_id: sheet.spreadsheetId,
+          title: sheet.properties?.title,
+          url: sheet.spreadsheetUrl,
+        });
+      }
+
+      case "read": {
+        if (!spreadsheet_id) return JSON.stringify({ error: "spreadsheet_id is required for read" });
+        if (!range) return JSON.stringify({ error: "range is required for read" });
+        const encodedRange = encodeURIComponent(range);
+        const res = await fetch(`${API}/${spreadsheet_id}/values/${encodedRange}`, { headers });
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Sheets");
+        const data = (await res.json()) as any;
+        return JSON.stringify({ range: data.range, values: data.values || [] });
+      }
+
+      case "append": {
+        if (!spreadsheet_id) return JSON.stringify({ error: "spreadsheet_id is required for append" });
+        if (!range) return JSON.stringify({ error: "range is required for append" });
+        if (!values) return JSON.stringify({ error: "values are required for append" });
+        const encodedRange = encodeURIComponent(range);
+        const res = await fetch(
+          `${API}/${spreadsheet_id}/values/${encodedRange}:append?valueInputOption=USER_ENTERED`,
+          {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ values }),
+          }
+        );
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Sheets");
+        const result = (await res.json()) as any;
+        return JSON.stringify({
+          updated_range: result.updates?.updatedRange,
+          updated_rows: result.updates?.updatedRows,
+        });
+      }
+
+      case "update": {
+        if (!spreadsheet_id) return JSON.stringify({ error: "spreadsheet_id is required for update" });
+        if (!range) return JSON.stringify({ error: "range is required for update" });
+        if (!values) return JSON.stringify({ error: "values are required for update" });
+        const encodedRange = encodeURIComponent(range);
+        const res = await fetch(
+          `${API}/${spreadsheet_id}/values/${encodedRange}?valueInputOption=USER_ENTERED`,
+          {
+            method: "PUT",
+            headers,
+            body: JSON.stringify({ values }),
+          }
+        );
+        if (!res.ok) return safeApiErr(res.status, res.statusText, "Google Sheets");
+        const result = (await res.json()) as any;
+        return JSON.stringify({
+          updated_range: result.updatedRange,
+          updated_cells: result.updatedCells,
+        });
+      }
+
+      default:
+        return JSON.stringify({ error: `Unknown action: ${action}` });
+    }
+  } catch (err: any) {
+    console.error(`[Google Sheets] Request failed: ${err.message}`);
+    return JSON.stringify({ error: "Google Sheets request failed. Check logs for details." });
+  }
+}

package/src/tools/builtin-integrations/jira/jira_boards/SKILL.md

@@ -0,0 +1,21 @@
+# jira_boards
+
+List Jira boards and sprints. Requires `jira_token`, `jira_email`, and `jira_url` secrets.
+
+## Input Schema
+
+```json
+{
+  "type": "object",
+  "properties": {
+    "action": { "type": "string", "enum": ["list_boards", "list_sprints"], "description": "Action to perform" },
+    "board_id": { "type": "number", "description": "Board ID (for list_sprints)" }
+  },
+  "required": ["action"]
+}
+```
+
+## Usage Hints
+
+- Use "list_boards" to see all boards.
+- Use "list_sprints" with board_id to see sprints.

package/src/tools/builtin-integrations/jira/jira_boards/handler.ts

@@ -0,0 +1,74 @@
+async function safeApiError(res: Response, service: string): Promise<string> {
+  const body = await res.text().catch(() => "");
+  console.error(`[${service}] API error ${res.status}: ${body.slice(0, 500)}`);
+  return JSON.stringify({ error: `${service} API error: ${res.status} ${res.statusText}` });
+}
+
+function safeExceptionError(err: any, service: string): string {
+  console.error(`[${service}] Request failed: ${err.message}`);
+  return JSON.stringify({ error: `${service} request failed. Check logs for details.` });
+}
+
+export default async function (input: Record<string, unknown>): Promise<string> {
+  const token = (globalThis as any).Zubo?.getSecret?.("jira_token");
+  const email = (globalThis as any).Zubo?.getSecret?.("jira_email");
+  const baseUrl = (globalThis as any).Zubo?.getSecret?.("jira_url");
+  if (!token || !email || !baseUrl) {
+    return JSON.stringify({ error: "Jira not configured. Set jira_token, jira_email, and jira_url secrets." });
+  }
+
+  // Validate jira_url to prevent SSRF
+  let parsedUrl: URL;
+  try {
+    parsedUrl = new URL(baseUrl);
+  } catch {
+    return JSON.stringify({ error: "Invalid jira_url format" });
+  }
+  if (parsedUrl.protocol !== "https:") {
+    return JSON.stringify({ error: "jira_url must use HTTPS" });
+  }
+  const hostname = parsedUrl.hostname;
+  const is172Private = hostname.startsWith("172.") && (() => {
+    const secondOctet = parseInt(hostname.split(".")[1], 10);
+    return secondOctet >= 16 && secondOctet <= 31;
+  })();
+  if (hostname === "localhost" || hostname.startsWith("127.") || hostname.startsWith("10.") ||
+      hostname.startsWith("192.168.") || is172Private || hostname === "[::1]" ||
+      hostname.endsWith(".local") || hostname.endsWith(".internal")) {
+    return JSON.stringify({ error: "jira_url must not point to internal/private addresses" });
+  }
+
+  const { action, board_id } = input as { action: string; board_id?: number };
+  // Validate board_id is a positive integer to prevent injection
+  if (board_id !== undefined && (!Number.isInteger(board_id) || board_id <= 0)) {
+    return JSON.stringify({ error: "board_id must be a positive integer" });
+  }
+  const api = parsedUrl.origin + parsedUrl.pathname.replace(/\/+$/, "") + "/rest/agile/1.0";
+  const auth = Buffer.from(`${email}:${token}`).toString("base64");
+  const headers: Record<string, string> = {
+    Authorization: `Basic ${auth}`,
+    Accept: "application/json",
+  };
+
+  try {
+    switch (action) {
+      case "list_boards": {
+        const res = await fetch(`${api}/board?maxResults=50`, { headers });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const data = (await res.json()) as any;
+        return JSON.stringify(data.values?.map((b: any) => ({ id: b.id, name: b.name, type: b.type })) ?? []);
+      }
+      case "list_sprints": {
+        if (!board_id) return JSON.stringify({ error: "board_id required" });
+        const res = await fetch(`${api}/board/${board_id}/sprint?maxResults=20`, { headers });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const data = (await res.json()) as any;
+        return JSON.stringify(data.values?.map((s: any) => ({ id: s.id, name: s.name, state: s.state, startDate: s.startDate, endDate: s.endDate })) ?? []);
+      }
+      default:
+        return JSON.stringify({ error: `Unknown action: ${action}` });
+    }
+  } catch (err: any) {
+    return safeExceptionError(err, "Jira");
+  }
+}

package/src/tools/builtin-integrations/jira/jira_issues/SKILL.md

@@ -0,0 +1,28 @@
+# jira_issues
+
+Manage Jira issues: list, create, get, update, search, transition. Requires `jira_token`, `jira_email`, and `jira_url` secrets.
+
+## Input Schema
+
+```json
+{
+  "type": "object",
+  "properties": {
+    "action": { "type": "string", "enum": ["list", "create", "get", "update", "search", "transition"], "description": "Action to perform" },
+    "issue_key": { "type": "string", "description": "Issue key e.g. PROJ-123" },
+    "project_key": { "type": "string", "description": "Project key (for create, list)" },
+    "summary": { "type": "string", "description": "Issue summary" },
+    "description": { "type": "string", "description": "Issue description" },
+    "issue_type": { "type": "string", "description": "Issue type (Bug, Task, Story)" },
+    "jql": { "type": "string", "description": "JQL query (for search)" },
+    "transition_id": { "type": "string", "description": "Transition ID (for transition)" }
+  },
+  "required": ["action"]
+}
+```
+
+## Usage Hints
+
+- Use "search" with JQL for flexible queries.
+- Use "list" with project_key for recent issues.
+- Use "transition" to move issues through workflow stages.

package/src/tools/builtin-integrations/jira/jira_issues/handler.ts

@@ -0,0 +1,140 @@
+async function safeApiError(res: Response, service: string): Promise<string> {
+  const body = await res.text().catch(() => "");
+  console.error(`[${service}] API error ${res.status}: ${body.slice(0, 500)}`);
+  return JSON.stringify({ error: `${service} API error: ${res.status} ${res.statusText}` });
+}
+
+function safeExceptionError(err: any, service: string): string {
+  console.error(`[${service}] Request failed: ${err.message}`);
+  return JSON.stringify({ error: `${service} request failed. Check logs for details.` });
+}
+
+export default async function (input: Record<string, unknown>): Promise<string> {
+  const token = (globalThis as any).Zubo?.getSecret?.("jira_token");
+  const email = (globalThis as any).Zubo?.getSecret?.("jira_email");
+  const baseUrl = (globalThis as any).Zubo?.getSecret?.("jira_url");
+  if (!token || !email || !baseUrl) {
+    return JSON.stringify({ error: "Jira not configured. Set jira_token, jira_email, and jira_url secrets." });
+  }
+
+  // Validate jira_url to prevent SSRF — must be HTTPS and a valid Jira host
+  let parsedUrl: URL;
+  try {
+    parsedUrl = new URL(baseUrl);
+  } catch {
+    return JSON.stringify({ error: "Invalid jira_url format" });
+  }
+  if (parsedUrl.protocol !== "https:") {
+    return JSON.stringify({ error: "jira_url must use HTTPS" });
+  }
+  // Block private/internal IP ranges
+  const hostname = parsedUrl.hostname;
+  const is172Private = hostname.startsWith("172.") && (() => {
+    const secondOctet = parseInt(hostname.split(".")[1], 10);
+    return secondOctet >= 16 && secondOctet <= 31;
+  })();
+  if (hostname === "localhost" || hostname.startsWith("127.") || hostname.startsWith("10.") ||
+      hostname.startsWith("192.168.") || is172Private || hostname === "[::1]" ||
+      hostname.endsWith(".local") || hostname.endsWith(".internal")) {
+    return JSON.stringify({ error: "jira_url must not point to internal/private addresses" });
+  }
+
+  const { action, issue_key, project_key, summary, description, issue_type, jql, transition_id } = input as {
+    action: string; issue_key?: string; project_key?: string; summary?: string;
+    description?: string; issue_type?: string; jql?: string; transition_id?: string;
+  };
+
+  // Validate issue_key format to prevent path traversal (e.g. "PROJ-123")
+  if (issue_key && !/^[A-Z][A-Z0-9_]+-\d+$/i.test(issue_key)) {
+    return JSON.stringify({ error: "Invalid issue_key format. Expected format: PROJ-123" });
+  }
+  // Validate project_key format
+  if (project_key && !/^[A-Z][A-Z0-9_]*$/i.test(project_key)) {
+    return JSON.stringify({ error: "Invalid project_key format. Expected format: PROJ" });
+  }
+
+  const api = parsedUrl.origin + parsedUrl.pathname.replace(/\/+$/, "") + "/rest/api/3";
+  const auth = Buffer.from(`${email}:${token}`).toString("base64");
+  const headers: Record<string, string> = {
+    Authorization: `Basic ${auth}`,
+    "Content-Type": "application/json",
+    Accept: "application/json",
+  };
+
+  try {
+    switch (action) {
+      case "list": {
+        const q = project_key ? `project=${project_key} ORDER BY created DESC` : "ORDER BY created DESC";
+        const res = await fetch(`${api}/search?jql=${encodeURIComponent(q)}&maxResults=20`, { headers });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const data = (await res.json()) as any;
+        return JSON.stringify(data.issues?.map((i: any) => ({
+          key: i.key, summary: i.fields.summary, status: i.fields.status?.name,
+          assignee: i.fields.assignee?.displayName, priority: i.fields.priority?.name,
+        })) ?? []);
+      }
+      case "create": {
+        if (!project_key || !summary) return JSON.stringify({ error: "project_key and summary required" });
+        const res = await fetch(`${api}/issue`, {
+          method: "POST", headers,
+          body: JSON.stringify({
+            fields: {
+              project: { key: project_key },
+              summary,
+              description: description ? { type: "doc", version: 1, content: [{ type: "paragraph", content: [{ type: "text", text: description }] }] } : undefined,
+              issuetype: { name: issue_type || "Task" },
+            },
+          }),
+        });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const data = (await res.json()) as any;
+        return JSON.stringify({ key: data.key, id: data.id, self: data.self });
+      }
+      case "get": {
+        if (!issue_key) return JSON.stringify({ error: "issue_key required" });
+        const res = await fetch(`${api}/issue/${issue_key}`, { headers });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const i = (await res.json()) as any;
+        return JSON.stringify({
+          key: i.key, summary: i.fields.summary, status: i.fields.status?.name,
+          assignee: i.fields.assignee?.displayName, priority: i.fields.priority?.name,
+          description: i.fields.description, created: i.fields.created,
+        });
+      }
+      case "update": {
+        if (!issue_key) return JSON.stringify({ error: "issue_key required" });
+        const fields: any = {};
+        if (summary) fields.summary = summary;
+        if (description) fields.description = { type: "doc", version: 1, content: [{ type: "paragraph", content: [{ type: "text", text: description }] }] };
+        const res = await fetch(`${api}/issue/${issue_key}`, {
+          method: "PUT", headers,
+          body: JSON.stringify({ fields }),
+        });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        return JSON.stringify({ updated: true, key: issue_key });
+      }
+      case "search": {
+        if (!jql) return JSON.stringify({ error: "jql required" });
+        const res = await fetch(`${api}/search?jql=${encodeURIComponent(jql)}&maxResults=20`, { headers });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        const data = (await res.json()) as any;
+        return JSON.stringify(data.issues?.map((i: any) => ({
+          key: i.key, summary: i.fields.summary, status: i.fields.status?.name,
+        })) ?? []);
+      }
+      case "transition": {
+        if (!issue_key || !transition_id) return JSON.stringify({ error: "issue_key and transition_id required" });
+        const res = await fetch(`${api}/issue/${issue_key}/transitions`, {
+          method: "POST", headers,
+          body: JSON.stringify({ transition: { id: transition_id } }),
+        });
+        if (!res.ok) return await safeApiError(res, "Jira");
+        return JSON.stringify({ transitioned: true, key: issue_key });
+      }
+      default:
+        return JSON.stringify({ error: `Unknown action: ${action}` });
+    }
+  } catch (err: any) {
+    return safeExceptionError(err, "Jira");
+  }
+}

package/src/tools/builtin-integrations/linear/linear_issues/SKILL.md

@@ -0,0 +1,30 @@
+# linear_issues
+
+Manage Linear issues: list, create, get, update, search. Requires `linear_token`.
+
+## Input Schema
+
+```json
+{
+  "type": "object",
+  "properties": {
+    "action": { "type": "string", "enum": ["list", "create", "get", "update", "search"], "description": "Action to perform" },
+    "issue_id": { "type": "string", "description": "Issue ID (for get, update)" },
+    "title": { "type": "string", "description": "Issue title (for create)" },
+    "description": { "type": "string", "description": "Issue description" },
+    "team_id": { "type": "string", "description": "Team ID (for create, list)" },
+    "state": { "type": "string", "description": "State name filter" },
+    "query": { "type": "string", "description": "Search query" },
+    "assignee_id": { "type": "string", "description": "Assignee ID" },
+    "priority": { "type": "number", "description": "Priority (0=none, 1=urgent, 2=high, 3=medium, 4=low)" }
+  },
+  "required": ["action"]
+}
+```
+
+## Usage Hints
+
+- Linear uses GraphQL. This tool wraps common operations.
+- Use "list" with optional team_id to see issues.
+- Use "create" with title and team_id.
+- Use "search" with a text query.

package/src/tools/builtin-integrations/linear/linear_issues/handler.ts

@@ -0,0 +1,75 @@
+function safeExceptionError(err: any, service: string): string {
+  console.error(`[${service}] Request failed: ${err.message}`);
+  return JSON.stringify({ error: `${service} request failed. Check logs for details.` });
+}
+
+const API = "https://api.linear.app/graphql";
+
+async function gql(token: string, query: string, variables?: any): Promise<any> {
+  const res = await fetch(API, {
+    method: "POST",
+    headers: {
+      Authorization: token,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify({ query, variables }),
+  });
+  if (!res.ok) throw new Error(`Linear API error: ${res.status}`);
+  const data = (await res.json()) as any;
+  if (data.errors?.length) throw new Error(data.errors[0].message);
+  return data.data;
+}
+
+export default async function (input: Record<string, unknown>): Promise<string> {
+  const token = (globalThis as any).Zubo?.getSecret?.("linear_token");
+  if (!token) return JSON.stringify({ error: "Linear token not configured. Use secret_set to store 'linear_token'." });
+
+  const { action, issue_id, title, description, team_id, query, assignee_id, priority } = input as {
+    action: string; issue_id?: string; title?: string; description?: string;
+    team_id?: string; query?: string; assignee_id?: string; priority?: number;
+  };
+
+  try {
+    switch (action) {
+      case "list": {
+        const data = team_id
+          ? await gql(token, `query($teamId: String!) { issues(first: 25, filter: { team: { id: { eq: $teamId } } }) { nodes { id identifier title state { name } assignee { name } priority createdAt } } }`, { teamId: team_id })
+          : await gql(token, `{ issues(first: 25) { nodes { id identifier title state { name } assignee { name } priority createdAt } } }`);
+        return JSON.stringify(data.issues.nodes);
+      }
+      case "create": {
+        if (!title || !team_id) return JSON.stringify({ error: "title and team_id required" });
+        const vars: any = { title, teamId: team_id };
+        if (description) vars.description = description;
+        if (assignee_id) vars.assigneeId = assignee_id;
+        if (priority !== undefined) vars.priority = priority;
+        const data = await gql(token, `mutation($input: IssueCreateInput!) { issueCreate(input: $input) { success issue { id identifier title url } } }`, { input: vars });
+        return JSON.stringify(data.issueCreate.issue);
+      }
+      case "get": {
+        if (!issue_id) return JSON.stringify({ error: "issue_id required" });
+        const data = await gql(token, `query($id: String!) { issue(id: $id) { id identifier title description state { name } assignee { name } priority labels { nodes { name } } createdAt url } }`, { id: issue_id });
+        return JSON.stringify(data.issue);
+      }
+      case "update": {
+        if (!issue_id) return JSON.stringify({ error: "issue_id required" });
+        const upd: any = {};
+        if (title) upd.title = title;
+        if (description) upd.description = description;
+        if (assignee_id) upd.assigneeId = assignee_id;
+        if (priority !== undefined) upd.priority = priority;
+        const data = await gql(token, `mutation($id: String!, $input: IssueUpdateInput!) { issueUpdate(id: $id, input: $input) { success issue { id identifier title } } }`, { id: issue_id, input: upd });
+        return JSON.stringify(data.issueUpdate.issue);
+      }
+      case "search": {
+        if (!query) return JSON.stringify({ error: "query required" });
+        const data = await gql(token, `query($q: String!) { searchIssues(query: $q, first: 20) { nodes { id identifier title state { name } } } }`, { q: query });
+        return JSON.stringify(data.searchIssues.nodes);
+      }
+      default:
+        return JSON.stringify({ error: `Unknown action: ${action}` });
+    }
+  } catch (err: any) {
+    return safeExceptionError(err, "Linear");
+  }
+}

package/src/tools/builtin-integrations/linear/linear_projects/SKILL.md

@@ -0,0 +1,21 @@
+# linear_projects
+
+List and view Linear projects. Requires `linear_token`.
+
+## Input Schema
+
+```json
+{
+  "type": "object",
+  "properties": {
+    "action": { "type": "string", "enum": ["list", "get"], "description": "Action to perform" },
+    "project_id": { "type": "string", "description": "Project ID (for get)" }
+  },
+  "required": ["action"]
+}
+```
+
+## Usage Hints
+
+- Use "list" to see all projects.
+- Use "get" with project_id for details.