linear-mcp
Linear's official MCP server. Read and write issues, projects, cycles, comments, and labels. API-key authenticated. The 'agent inside your project tracker' enabler.
Default if your team uses Linear for issue tracking. Workspace-level API keys are coarse — use a dedicated bot user where possible, scope what the bot can see via Linear's permissions.
What it does
Linear’s MCP server wraps their GraphQL API. Tools cover search_issues, get_issue, create_issue, update_issue, add_comment, assign_issue, move_issue_to_project, list_cycles, list_projects. Auth is a Linear API key (personal or — better — bot-user-issued).
When you actually need it
Linear sits in the middle of many engineering teams’ workflows — issues, projects, cycles. An agent that reads and writes Linear is a fit for:
- Issue triage automation. When a new issue lands in a configured team, agent reads the body, drafts a label set + priority + assignee suggestion, posts a comment. Human approves the actual assignment.
- Standup summaries. Agent reads what each team-member has done this cycle (issue status changes, comments), drafts a stand-up summary.
- Cross-tool orchestration. Issue arrives in Linear → agent finds related Slack thread → agent finds related GitHub PR → drafts a connection comment that ties them together.
- Cycle planning prep. Agent surfaces issues that are blocked, stale, or scope-creeping for the next cycle planning meeting.
Setup
Generate an API key at linear.app → Settings → API → Personal API keys. Or — preferred — create a dedicated bot user with team-scoped membership and generate the key as that user.
"linear": {
  "command": "npx",
  "args": ["-y", "@linear/mcp-server"],
  "env": {
    "LINEAR_API_KEY": "lin_api_…"
  }
}
The catch
Personal API keys inherit your access. Anything you can see, the agent can see. For a 50-person engineering org, this is usually fine for read-only agents (your access is appropriate). For agents that write — create issues, change assignees, move issues — the blast radius is whatever team-set you have permission for.
Two cleaner patterns:
- Dedicated bot user. Create a Linear bot user. Add to specific teams only. Generate the API key as that user. Now the agent’s blast radius is exactly the teams you’ve added the bot to.
- OAuth bot integration. For workspace-installed bots, Linear’s OAuth flow scopes per-workspace and includes revocation. More setup; cleaner story for shared agents.
For agents that comment / write but don’t change assignment / status: even the personal-key path is reasonable, paired with host-level approval gates on writes.
For agents that change priority, assign issues, move issues across projects: bot-user path is required.
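The gating rules from this section, sketched as a host-side check that runs before a tool call is forwarded to the server. This is an added example, not Linear's or any MCP host's code: the tool names come from this page, while the `keyType` labels, the `approve` hook, the `update_issue` field names, and the placement of `delete_issue` / `archive_issue` in the elevated class are assumptions.

```javascript
// Added example: host-side gate in front of Linear MCP tool calls.
// Tool names are from the page; everything else is a labelled assumption.
const READ_TOOLS = new Set([
  "search_issues", "get_issue", "list_cycles", "list_projects",
]);
// Writes that add content but do not change assignment or status.
const CONTENT_WRITES = new Set(["create_issue", "add_comment"]);
// Writes that change assignment or placement. Treating delete_issue and
// archive_issue as elevated is an assumption, not something the page states.
const ELEVATED_WRITES = new Set([
  "assign_issue", "move_issue", "move_issue_to_project",
  "delete_issue", "archive_issue",
]);
// Hypothetical update_issue fields that change priority, assignee or status.
const ELEVATED_FIELDS = ["priority", "assigneeId", "stateId"];

function classify(tool, args) {
  const a = args && typeof args === "object" ? args : {};
  if (READ_TOOLS.has(tool)) return "read";
  if (CONTENT_WRITES.has(tool)) return "content-write";
  if (ELEVATED_WRITES.has(tool)) return "elevated-write";
  if (tool === "update_issue") {
    // The same tool can be a plain edit or a priority/assignee/status change.
    return ELEVATED_FIELDS.some((f) => f in a) ? "elevated-write" : "content-write";
  }
  return "unknown";
}

// keyType: "personal" or "bot" (assumed labels for how the API key was issued).
// approve(call): the host's human-approval hook, returns true or false.
function gate(call, { keyType, approve }) {
  const kind = classify(call.tool, call.args);
  // Fail closed: a tool the host does not recognise is never forwarded.
  if (kind === "unknown") return { action: "deny", reason: "tool not on allowlist" };
  if (kind === "read") return { action: "allow", reason: "read-only" };
  // Priority, assignment and move operations require the bot-user key.
  if (kind === "elevated-write" && keyType !== "bot") {
    return { action: "deny", reason: "elevated write requires bot-user key" };
  }
  // Every remaining write waits for a human decision, whatever the agent read.
  const ok = approve(call) === true;
  return { action: ok ? "allow" : "deny", reason: ok ? "approved" : "approval refused" };
}
```

Because the decision depends only on the tool name, its arguments and the key type, text the agent read from an issue body or comment cannot talk its way past the gate.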
FOR: Linear workspace operations using a dedicated bot user with team-scoped membership.
Use a dedicated bot user, not a personal API key, for any shared / production agent. Add the bot only to the teams it should access. Pair destructive tools (create / move / assign) with host-level approval gates.
Linear team maintains.
API key via env. Server doesn't log or persist.
api.linear.app only.
Personal API keys inherit user permissions across all team memberships. OAuth bot integrations scope per-workspace and are preferred for shared agents.
Personal keys: whatever the user can see. Dedicated bot user: scoped to bot's team membership. Use the latter for shared agents.
Issue bodies, comments, descriptions are full of user-authored content. Hostile content from any team-member or external commenter can attempt to redirect the agent. Treat all output as untrusted.
MCP SDK + Linear's official @linear/sdk.
Linear API rate limits (1500 req / hour for read, lower for write). Bursty agents hit ceilings faster than steady use.
npm package with provenance attestations.
Linear's infrastructure (US primarily; EU region for EU customers).
7 present · human approval optional
create_issue · update_issue · add_comment · assign_issue · delete_issue · archive_issue · move_issue
NOT A FORMAL SECURITY AUDIT · Adoption posture based on public-source review · See methodology for what's measured and what isn't