Yes, that looks exactly like what is happening. For clarity though it is a LinkedIn script not one uploaded by a 3rd party.
It seems to apply to links sent in direct messages which are routed through a linkedin internal page, I assume so they can track you out etc.
It was more the principal of it though, I hadn’t considered that the link shown in the status bar could not be the link you would be taken to if you click it but I guess that’s part of allowing javascript to run.