atlassian-readonly-skills
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Indirect Prompt Injection Surface. The skill is designed to retrieve content from external, potentially untrusted sources which may contain hidden instructions. Ingestion points: functions in 'scripts/confluence_pages.py' (page content), 'scripts/bitbucket_files.py' (source code), and 'scripts/jira_issues.py' (descriptions/comments) return raw text to the agent context. Boundary markers: The skill does not implement delimiters or 'ignore embedded instructions' warnings for retrieved content. Capability inventory: The skill facilitates extensive network interaction with corporate Atlassian instances. Sanitization: No sanitization or escaping of external content is performed before delivery to the agent.
Audit Metadata