jira-issues
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill recommends installing a tool from a trusted organization via 'npx @anthropic/create-mcp-server jira'.
- [DATA_EXFILTRATION]: Code snippets access environment variables for Jira credentials and send them to the user-configured Jira instance for authentication.
- [PROMPT_INJECTION]: Ingestion points: 'create_issue', 'create_detailed_issue', and 'add_comment' in 'SKILL.md'. Boundary markers: None. Capability inventory: 'requests.post' and 'requests.get' in 'SKILL.md'. Sanitization: None. These functions interpolate user input directly into API payloads, creating an indirect prompt injection surface.
Audit Metadata