senior-pm
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill acts as a high-privilege orchestrator that ingests data from external sources and has the capability to write to professional environments.
- Ingestion points: The skill is designed to pull metrics from Jira and documentation from Confluence as stated in the 'Atlassian MCP Integration' section.
- Boundary markers: Absent. The instructions do not define delimiters (like XML tags or triple quotes) to separate the system instructions from untrusted data retrieved from Jira or Confluence.
- Capability inventory: The skill utilizes Jira MCP and Confluence MCP to aggregate metrics, create report pages, and maintain documentation, which constitutes a significant capability for side effects.
- Sanitization: None detected. There is no logic or instruction to filter or validate content retrieved from external project management tools before it is processed by the agent.
Recommendations
- AI detected serious security threats
Audit Metadata