jira-integration

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill emphasizes secure configuration by explicitly instructing users to avoid hardcoding API tokens and to use environment variables or secret managers.
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of mcp-atlassian==0.21.0 using uvx. This is a well-known MCP server for Atlassian services and is pinned to a specific version.
  • [PROMPT_INJECTION]: The skill instructions facilitate the ingestion and analysis of Jira ticket content, which represents an indirect prompt injection surface.
      • Ingestion points: Jira issue details and comments fetched via jira_get_issue and REST API calls.
      • Boundary markers: The provided templates do not include explicit delimiters or safety instructions to ignore potential commands embedded in ticket descriptions.
      • Capability inventory: The skill provides tools for state-changing operations like jira_update_issue, jira_add_comment, and jira_transition_issue.
      • Sanitization: No sanitization steps are defined for the data retrieved from the Atlassian API before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 01:43 AM