atlassian-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Documentation recommends installing official and community-sourced MCP servers using package managers such as npm, pip, and uv. It specifically references the official Anthropic repository for the Atlassian MCP server.
- [COMMAND_EXECUTION]: Provides instructions for configuring and running MCP servers via command-line tools like npx and uvx within the Claude Desktop environment.
- [PROMPT_INJECTION]: The triage and documentation synchronization workflows implemented in 'references/common-workflows.md' ingest untrusted content from Jira and Confluence.
  - Ingestion points: Reads issue summaries and descriptions via 'jira_get_issue' and page content via 'confluence_get_page'.
  - Boundary markers: Implementation examples do not include explicit delimiters or instructions for the agent to ignore embedded instructions in the ingested data.
  - Capability inventory: The skill has the capability to write back to the system via 'jira_update_issue', 'jira_add_comment', 'confluence_create_page', and 'confluence_update_page'.
  - Sanitization: While an 'escapeHtml' function is provided for Confluence storage format, the logic determining triage categories and priority is based on raw text patterns without structural sanitization.