Skills
skills/davila7/claude-code-templates/jira-automation/Gen Agent Trust Hub

jira-automation

Warn

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill directs the user to add https://rube.app/mcp as a remote MCP server endpoint. This delegates the tool definitions and potential execution logic to a third-party service outside the immediate control of the user.
  • [DATA_EXFILTRATION]: The skill is designed to retrieve and process sensitive organizational data, including issue contents, project configurations, and user account IDs from a Jira environment.
  • [PROMPT_INJECTION]: The skill possesses a significant indirect prompt injection surface due to its combination of data ingestion and write capabilities.
  • Ingestion points: The skill reads external, untrusted data from Jira using tools such as JIRA_GET_ISSUE and JIRA_LIST_ISSUE_COMMENTS.
  • Boundary markers: There are no instructions or delimiters provided to ensure the agent ignores embedded instructions within retrieved Jira data.
  • Capability inventory: The skill includes powerful write tools such as JIRA_EDIT_ISSUE, JIRA_ADD_COMMENT, and JIRA_ADD_USERS_TO_PROJECT_ROLE.
  • Sanitization: The instructions do not specify any validation or sanitization of input data before it is used in automation workflows.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 24, 2026, 08:00 PM