jira-administration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill documentation describes scripts (not provided) that ingest untrusted data from JIRA instances, such as automation rules and user profiles, which could be used to influence agent behavior.
- Ingestion points: Automation rule configurations (
get_automation_rule.py), user metadata (search_users.py), and workflow data (get_workflow_for_issue.py). - Boundary markers: None mentioned in documentation.
- Capability inventory: Project creation/deletion (
create_project.py,delete_project.py), group management (add_user_to_group.py), and automation rule execution (invoke_manual_rule.py). - Sanitization: None mentioned in documentation.
- [No Code] (SAFE): The submission contains only markdown documentation and JSON templates. No Python scripts or shell commands were provided for analysis.
Audit Metadata