jira-markdown-conversion
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests data from external Atlassian Jira instances via MCP tools. This data, such as issue descriptions or user comments, is untrusted and could contain malicious instructions designed to influence the agent's behavior. Ingestion points: Data enters the context through 'mcp__atlassian__getJiraIssue' and 'mcp__atlassian__searchJiraIssuesUsingJql' in the SKILL.md workflows. Boundary markers: The templates provided do not utilize specific delimiters or 'ignore instructions' warnings for the description or comments fields. Capability inventory: The skill is permitted to use 'Write' and 'Read' tools. If an injection is successful, an attacker might influence the agent to read or overwrite local files. Sanitization: No evidence of input validation or sanitization of the Jira content before it is placed into the Markdown template.
Audit Metadata