researching-jira-issues
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and synthesizes untrusted data from Jira issue descriptions, comments, and Confluence pages.
  - Ingestion points: Data is fetched via get_issue, search_issues, and get_confluence_page tools from external Atlassian environments.
  - Boundary markers: The instructions do not specify explicit delimiters or 'ignore embedded instructions' warnings when processing fetched content.
  - Capability inventory: The skill primarily uses read-only tools to gather information; no file-write, network-send, or code execution capabilities are defined in the workflow.
  - Sanitization: There is no explicit sanitization or filtering of the external content mentioned.
- [SAFE]: The skill implements a security-conscious traversal policy by specifically instructing the agent not to automatically follow references to security or vulnerability-related projects (e.g., VULN-*, SEC-*) unless they are formal issue links.
- [SAFE]: Operational guidelines for rate limiting (pausing after sequential calls and handling 429 errors) are included to ensure stable interaction with the Atlassian API.
Audit Metadata