jira-api

Fail

Audited by Snyk on Feb 24, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and instructions that insert API tokens/credentials directly into code and curl headers (e.g., api_token = "your-api-token", Authorization: Basic $(echo -n 'email:token' | base64), client = JiraClient(..., api_token="token-from-atlassian")), requiring the model to handle or emit secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The SKILL.md and examples explicitly show the agent calling arbitrary Jira Cloud instances (via JIRA_BASE_URL) and using endpoints such as GET /rest/api/3/issue, search_issues (expand=changelog), and webhook payload handlers to ingest issue descriptions, comments, and changelogs (user-generated content) that the skill then uses to make decisions and perform actions (transitions, updates, assignments), so untrusted third-party content can materially influence its behavior.
Audit Metadata

Risk Level: HIGH
Analyzed: Feb 24, 2026, 05:25 PM