jira
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from Jira (e.g., issue summaries, descriptions, and comments) without explicit boundary markers or sanitization logic.
  - Ingestion points: Jira API search and issue detail endpoints defined in SKILL.md.
  - Boundary markers: Absent.
  - Capability inventory: Python snippets using `urllib.request` for network operations and Jira issue mutations (create/update/delete).
  - Sanitization: Absent.
- [COMMAND_EXECUTION]: The documentation provides multiple Python snippets intended for execution to interact with the API. These snippets access environment variables (`MATON_API_KEY`) and perform network requests to `gateway.maton.ai` and `ctrl.maton.ai`. While functional, they represent an execution surface for data retrieved from the API gateway.