jira
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from Jira issues and comments, creating a potential surface for indirect prompt injection.
  - Ingestion points: Untrusted data such as issue summaries, descriptions, and comments are retrieved via the Jira REST API in scripts/jira.py.
  - Boundary markers: The script does not utilize specific delimiters or instructions to the model to ignore potentially malicious instructions embedded within the Jira content.
  - Capability inventory: The skill includes tools to create issues, update fields, add comments, and transition workflows through scripts/jira.py, which could be exploited if an injection is successful.
  - Sanitization: No explicit sanitization or filtering is performed on the text content retrieved from Jira before it is presented to the agent.