jira-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill requires connection to an external MCP server located at
https://rube.app/mcp. This domain is not included in the standard whitelist, and data regarding Jira operations and OAuth tokens will transit through this third-party service. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection where malicious instructions embedded in Jira issues could influence agent behavior.
- Ingestion points: Data enters the agent context via
JIRA_GET_ISSUE,JIRA_LIST_ISSUE_COMMENTS, andJIRA_SEARCH_FOR_ISSUES_USING_JQL_POST. - Boundary markers: Absent; the instructions do not specify delimiters or warnings to ignore instructions found within Jira issue content.
- Capability inventory: The agent has the ability to perform write operations including
JIRA_CREATE_ISSUE,JIRA_EDIT_ISSUE,JIRA_ADD_COMMENT, andJIRA_ASSIGN_ISSUE. - Sanitization: Absent; there is no mention of filtering or escaping content retrieved from the external Jira API before it is processed by the agent.
Audit Metadata