jira
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute various `jira` CLI commands to view, list, and modify Jira tickets.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it reads and displays content from external Jira tickets which may contain malicious instructions.
  1. Ingestion points: Data enters the context via `jira issue view` and `jira issue list` commands which retrieve ticket details and summaries.
  2. Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the retrieved Jira content as untrusted data.
  3. Capability inventory: The agent has the ability to write back to Jira using `jira issue comment add` and `jira issue move`, which could be exploited if the agent follows instructions found within a ticket.
  4. Sanitization: The skill does not implement any sanitization or validation logic for the content retrieved from Jira.
Audit Metadata