jira
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides patterns for reading and processing external data from Jira, which creates a surface for indirect prompt injection if issue content contains malicious instructions.
- Ingestion points: External data enters the context via
mcp__jira__jira_issues_getandjira issue getcommands. - Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions when processing issue summaries or descriptions.
- Capability inventory: The skill possesses significant capabilities including issue modification (
jira issue update), workflow transitions (jira transition), and user assignment (jira assign). - Sanitization: There is no evidence of content sanitization or validation for the data retrieved from Jira before it is processed by the agent.
Audit Metadata