jira-ticket-prioritizer

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: it relies on the LLM to analyze untrusted data from JIRA tickets and to "use your judgment" in interpreting it for core logic such as repo inference, dependency detection, and priority scoring.
    • Ingestion points: In SKILL.md (Step 2 and Step 5), the agent fetches raw ticket data, including summary, description, and comments, from an external JIRA instance.
    • Boundary markers: Absent. The instructions do not specify any delimiters or safety prompts that mark the JIRA ticket content as untrusted data.
    • Capability inventory: The skill uses the Bash, Read, and Write tools, and executes the jira CLI and local node scripts in the file system.
    • Sanitization: Absent. There is no evidence of filtering or escaping the text contents of the JIRA tickets before they are processed by the LLM's reasoning engine.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 16, 2026, 08:06 AM