sprint-summary
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE (NO_CODE)
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown instructions and metadata. It does not include any executable scripts, binaries, or configuration files that could execute on the host system.
- [SAFE]: All external interactions (Atlassian Jira, GitHub) are conducted through standard agent integrations (MCP/Tools). No unauthorized network requests, hardcoded credentials, or data exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external sources (Jira ticket descriptions and GitHub PR comments), which is a known vector for indirect prompt injection.
  - Ingestion points: Instructions 2, 4, and 5 describe fetching data from Jira (via Atlassian MCP) and GitHub.
  - Boundary markers: None. The instructions do not specify delimiters to separate external data from system instructions.
  - Capability inventory: The skill only performs read-only operations and formatting; it does not request capabilities to write files, execute commands, or perform network requests to arbitrary domains.
  - Sanitization: No explicit sanitization of the retrieved external content is specified.
Audit Metadata