jira-ticket-writer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-supplied text to populate Jira ticket templates, creating a surface for indirect prompt injection where malicious instructions could be embedded in ticket data.
  - Ingestion points: Workflow steps in SKILL.md for gathering context, summary, and problem definitions.
  - Boundary markers: Absent; user input is integrated directly into templates without using delimiters or escape instructions.
  - Capability inventory: The skill references 'acli jira workitem create' and 'acli jira workitem edit' for external interactions.
  - Sanitization: No input validation or sanitization is performed on the gathered data before processing.
- [COMMAND_EXECUTION]: The skill utilizes the 'acli' (Atlassian CLI) command-line interface to facilitate ticket creation and updates in Jira as part of its primary functionality.
Audit Metadata