confluence-cli
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- Dynamic Execution (MEDIUM): The file
scripts/tests/test_markdown_to_storage.pyusesimportlib.utilto dynamically load and executeconfluence_cli.py. - Evidence:
spec.loader.exec_module(module)inscripts/tests/test_markdown_to_storage.pyexecutes code from a path calculated at runtime. - Indirect Prompt Injection (LOW): The skill ingests untrusted data from external Confluence pages which could contain malicious instructions for the agent.
- Ingestion points:
get_page,get_page_by_title, andsearch_cqlinscripts/confluence_api_client.pyfetch external content. - Boundary markers: None detected in the provided scripts or instructions.
- Capability inventory: The skill can write data back to Confluence via
update_page,create_page, andattach_file. - Sanitization: No explicit sanitization or filtering of the fetched content is performed before it is returned to the agent.
- Credential Handling (SAFE): The
ConfluenceConfigclass inscripts/confluence_api_client.pyhandles API tokens. While no secrets are hardcoded, the script is designed to process sensitive credentials provided by the user.
Audit Metadata