skills/openshift-hyperfleet/hyperfleet-claude-plugins/JIRA Ticket Hygiene Checker/Gen Agent Trust Hub
JIRA Ticket Hygiene Checker
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill acts as an indirect prompt injection surface by ingesting untrusted data from JIRA tickets to perform its hygiene checks.
- Ingestion points: Reads ticket summaries, descriptions, and metadata via the
jira issue viewcommand. - Boundary markers: None identified; ticket content is processed directly into the agent context.
- Capability inventory: Limited to data retrieval and formatting; the skill lacks the capability to write back to JIRA or execute arbitrary code from the ticket content.
- Sanitization: None; the agent relies on the raw output of the CLI tool. An attacker with edit access to a JIRA ticket could attempt to influence the agent's hygiene verdict or subsequent reasoning.
Audit Metadata