jira-lifecycle-management
Warn
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: MEDIUM
Findings: NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill package is composed entirely of Markdown documentation. It references a CLI tool (jira-as) and over 20 specific Python scripts (such as transition_issue.py, assign_issue.py, and create_version.py) that are necessary for the skill's stated functionality but are not included in the provided file set.
- [COMMAND_EXECUTION]: The documentation directs the agent to execute numerous shell commands involving the missing Python scripts and CLI tool. These commands include parameters derived from JIRA metadata, and the absence of the underlying source code prevents a security verification of how these inputs are handled.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
  - Ingestion points: The agent processes JIRA issue data including transition names, status names, and version/component metadata (SKILL.md, references/workflow_guide.md).
  - Boundary markers: Absent. There are no instructions or delimiters provided to ensure the agent ignores or sanitizes instructions embedded within JIRA data.
  - Capability inventory: The skill documentation describes the ability to perform state-changing operations in JIRA, such as transitioning issues, reassigning users, and deleting components (SKILL.md, references/patterns/incident_workflow.md).
  - Sanitization: Absent. No validation or escaping of JIRA-sourced data is mentioned before its use in command execution.
- [PROMPT_INJECTION]: The skill contains deceptive and contradictory metadata. In the primary SKILL.md file, a 'CRITICAL' warning explicitly prohibits running Python scripts directly; however, the entire examples library and best practices documentation consist exclusively of direct Python script executions. This inconsistency can lead to improper agent behavior and the bypassing of stated safety guidelines.
Audit Metadata