Jira Automation
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface area for indirect prompt injection as it processes untrusted data from external sources.
- Ingestion points: Untrusted data enters the agent context through issue details, sprint configurations, and JQL query results from Jira (SKILL.md).
- Boundary markers: The skill lacks explicit delimiters or warnings to ignore embedded instructions when processing external Jira content.
- Capability inventory: The skill can create, update, and transition Jira issues, and it can send notifications to Slack channels (SKILL.md).
- Sanitization: No evidence of sanitization, escaping, or validation of external content is present in the templates.
Audit Metadata