confluence
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill retrieves content from external Confluence pages and spaces, which could potentially contain untrusted instructions (indirect prompt injection).
- Ingestion points: Content is ingested from the Confluence REST API via the
get_page,search_content, andlist_spacesfunctions inscripts/confluence.py. - Boundary markers: The skill converts content to Markdown for display but does not include explicit security delimiters or 'ignore instructions' warnings.
- Capability inventory: The skill can perform network requests to Confluence and modify content (create/update) via the
Bashtool executingscripts/confluence.py. - Sanitization: The skill converts complex storage and editor formats (XHTML/ADF) into Markdown for safe presentation to the model.
Audit Metadata