bug-triage
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data from error logs, stack traces, and unstructured bug reports (SKILL.md). This creates a surface for indirect prompt injection. Evidence Chain: 1. Ingestion points: Untrusted data enters the agent context during the intake phase from raw logs and messages. 2. Boundary markers: There are no instructions to use delimiters or ignore embedded commands within the input data. 3. Capability inventory: The skill itself lacks high-risk capabilities such as command execution or direct network access, as it delegates Jira operations to an external skill. 4. Sanitization: No sanitization or validation of the input content is implemented. This could allow a maliciously crafted bug report to influence the agent's prioritization or triage logic.
Audit Metadata