jira
Warn
Audited by Snyk on Feb 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch Jira data via the Maton gateway (e.g., GET /jira/ex/jira/{cloudId}/rest/api/3/search/jql and GET /.../issue/{issueIdOrKey}/comment). These requests pull in user-generated, untrusted issue summaries and comments that the agent is expected to read, and that content can materially influence subsequent actions such as transitions, updates, or searches.
Audit Metadata