backlog-manager

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests content from files such as 'tasks.md', 'requirements.md', and 'design.md' to generate summaries and descriptions for JIRA tickets. If these files contain malicious instructions, they could influence the agent's behavior during ticket creation or repository updates.
    • Ingestion points: Reads markdown specification files from the 'documentation/specs/' directory.
    • Boundary markers: None identified; the skill does not specify using delimiters or explicit instructions to ignore embedded commands within the processed data.
    • Capability inventory: Uses the Atlassian MCP to create/edit JIRA issues, add comments, update Confluence pages, and write 'ticket-map.md' to the repository.
    • Sanitization: None identified; external content from the repository is used directly to populate ticket fields.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 12:41 PM