creating-jira-subtasks
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its reliance on the `docs/<TICKET_KEY>-tasks.md` file, which is used to populate Jira subtask summaries and descriptions.
- Ingestion points: The `subtask-creator.md` subagent reads the local plan file to extract task objectives, notes, and requirements.
- Boundary markers: None. The instructions do not specify the use of delimiters to isolate untrusted file content from the API payload structure.
- Capability inventory: The skill possesses the capability to write to external Jira instances via MCP tools based on the parsed data.
- Sanitization: No validation or sanitization is performed on the extracted task text before it is transmitted to the external Jira service.
Audit Metadata