jira-task
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): This skill is susceptible to indirect prompt injection as it processes user-provided task descriptions into templates without explicit sanitization or boundary markers. Evidence:
  1. Ingestion points: User input used to populate Bug and Feature templates in SKILL.md.
  2. Boundary markers: Absent within the markdown templates.
  3. Capability inventory: The skill utilizes mcp__mcp-atlassian__jira_create_issue and jira_update_issue to perform write operations to an external system.
  4. Sanitization: No sanitization or escaping of user input is defined.
- [Data Exposure] (SAFE): The skill contains project-specific metadata including Jira project keys (PROWLER), epic keys (PROWLER-193), and custom field IDs (customfield_10359, 10363). This is considered operational configuration and does not include sensitive credentials, secrets, or PII.
- [Command Execution] (SAFE): Usage of MCP commands is restricted to legitimate Jira issue management functions. No arbitrary shell commands, system calls, or unauthorized network operations were detected.