atlassian-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes commands that require embedding API tokens/passwords directly in CLI arguments or request examples (e.g., --token , curl -u email:token), which forces the LLM to output secrets verbatim and is therefore insecure.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md and the referenced command docs (e.g., section 4 and references/confluence-cli.md / references/bkt-commands.md) explicitly instruct the agent to fetch and read user-generated content from Confluence pages (confluence read by ID or URL), Jira issues (jira issue view/list), and Bitbucket resources (bkt pr view, bkt api), which are untrusted third‑party sources whose contents could influence subsequent commands (create/update/merge) and thus enable indirect prompt injection.