jira-ticket-manager
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes jira-cli commands through shell instructions in the documentation and a helper Python script (scripts/create_ticket.py). The Python script uses subprocess.run() with a list of arguments, which is a secure implementation that mitigates shell injection risks.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests ticket summaries and descriptions from Jira using the jira issue view and jira issue list commands. This data is then used to formulate subsequent ticket edits or comments.
  - Ingestion points: Data retrieved from external Jira issues is processed by the agent (SKILL.md).
  - Boundary markers: None identified in the instructions for handling external Jira content.
  - Capability inventory: The agent has the ability to execute shell commands and modify Jira data.
  - Sanitization: The skill does not implement any validation or sanitization of the content retrieved from Jira.
- [EXTERNAL_DOWNLOADS]: The skill references and provides instructions for installing jira-cli from its official GitHub repository, which is a well-known and established tool for Jira automation.
Audit Metadata