skills/lobbi-docs/claude/jira/Gen Agent Trust Hub

jira

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process data from Jira (issues, descriptions, and comments) which could contain adversarial instructions.
      • Ingestion points: Data is pulled via jira.issue() and jira.search_issues() in SKILL.md.
      • Boundary markers: The provided documentation does not include specific boundary markers or instructions for the agent to ignore embedded commands in the issue data.
      • Capability inventory: The skill allows the use of Bash, Read, Write, and Edit, which could be targeted by an injection attack.
      • Sanitization: No explicit sanitization or validation of Jira field content is shown in the examples.
  • [False Positive Alert] (SAFE): The automated scanner flagged issue.fields.status.name as a malicious URL. This is a false positive; it is standard Python code using the jira library to access an object attribute and does not represent a network request to a blacklisted domain.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 17, 2026, 06:22 PM