jira-automation
Warn
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- External Downloads (MEDIUM): The skill instructs the user to add an external MCP endpoint https://rube.app/mcp. This server provides the tool schemas and execution logic for the Jira integration. Because rube.app is not among the pre-verified trusted sources, this dependency must be reviewed by the user for reliability and security.
- Prompt Injection (LOW): The skill is susceptible to Indirect Prompt Injection. It ingests untrusted data from external sources (Jira) and has significant write capabilities. Evidence Chain:
  1. Ingestion points: Untrusted data enters via tools like JIRA_GET_ISSUE and JIRA_LIST_ISSUE_COMMENTS.
  2. Boundary markers: Absent; there are no instructions to use delimiters or warnings when processing issue text.
  3. Capability inventory: High-privilege tools are available, including JIRA_EDIT_ISSUE, JIRA_ADD_USERS_TO_PROJECT_ROLE, and JIRA_CREATE_ISSUE.
  4. Sanitization: No validation or sanitization of Jira content is mentioned before the agent acts upon it.
Audit Metadata