jira-service-desk
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes the vendor's own CLI tool (@membranehq/cli) and official GitHub repository, which are trusted resources within the membranedev ecosystem.
- [SAFE]: Authentication is handled server-side by the Membrane platform, which avoids the need for hardcoded API keys or local credential storage.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from Jira that could contain malicious instructions meant to influence the agent's behavior. 1. Ingestion points: Data is retrieved via actions like list-requests and list-request-comments in SKILL.md. 2. Boundary markers: The instructions do not specify any markers or warnings to disregard instructions embedded in Jira data. 3. Capability inventory: The skill allows for writing data back to Jira through actions like create-request and create-request-comment, and enables arbitrary API requests via the membrane request proxy. 4. Sanitization: No explicit sanitization or filtering of the retrieved Jira content is mentioned in the skill documentation.
Audit Metadata