jira-automation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): This skill is vulnerable to indirect prompt injection because it processes content from an external system (Jira) that can be influenced by third parties.
  * Ingestion points: SKILL.md defines tools like JIRA_GET_ISSUE and JIRA_LIST_ISSUE_COMMENTS which ingest untrusted issue descriptions and comments.
  * Boundary markers: Absent; there are no instructions provided to the agent to treat retrieved data as untrusted or to use delimiters.
  * Capability inventory: SKILL.md defines write capabilities including JIRA_CREATE_ISSUE, JIRA_EDIT_ISSUE, and JIRA_ADD_COMMENT.
  * Sanitization: Absent; the instructions do not specify any validation or sanitization of data retrieved from Jira.
- EXTERNAL_DOWNLOADS (LOW): The skill directs users to configure an external MCP server at https://rube.app/mcp, which is not a predefined trusted source.
- NO_CODE (SAFE): No executable code files are shipped with this skill, reducing the potential attack surface on the local environment.