daily-next
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands to read and update task files in the ~/.claude/ directory, as well as to interact with Jira through the acli tool and GitHub via the gh CLI tool.
- [EXTERNAL_DOWNLOADS]: Fetches issue metadata and attachments from Jira's official API (atlassian.net) and pulls pull request data from GitHub. These operations target well-known developer services and are consistent with the skill's stated purpose.
- [DATA_EXFILTRATION]: Reads local task and standup files to determine current work context. All network communication is directed to the user's configured Atlassian and Slack instances for functional data retrieval.
- [PROMPT_INJECTION]: The skill ingests data from external sources (Jira, Slack, GitHub) which could theoretically be used for indirect prompt injection; however, this is a core functional requirement for task summarization. (Ingestion points: ~/.claude/ files, Jira API, Slack and Confluence MCP, GitHub CLI; Boundary markers: Absent; Capability inventory: bash, Write tool, Read tool; Sanitization: Absent).
Audit Metadata