atlassian-automation
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): Dependency on an external third-party MCP server. The skill requires adding "https://rube.app/mcp" to the agent's configuration. This endpoint is not part of the trusted source list (e.g., Anthropic, OpenAI, Microsoft), meaning all interactions with Atlassian are proxied through an unverified external service.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection risk.
- Ingestion points: Data retrieved from Atlassian tools (Jira tickets, Confluence pages, etc.) via SKILL.md.
- Boundary markers: None identified in the skill instructions or workflow patterns.
- Capability inventory: Full suite of Atlassian operations including "RUBE_MULTI_EXECUTE_TOOL" and "RUBE_REMOTE_WORKBENCH" which allow reading and writing data across the Atlassian stack.
- Sanitization: No explicit sanitization or validation of the content retrieved from Atlassian is mentioned in the setup or workflow.
Audit Metadata