The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent on executing high-impact commands via the acli tool, including the permanent deletion of work items, projects, and organization-managed user accounts (acli admin user delete).
[CREDENTIALS_UNSAFE]: Instructions detail the use of API_TOKEN and API_KEY for authentication. Although safety practices like using environment variables and piping are advised, these credentials flow through the agent's context and are handled by the CLI tool, increasing the risk of accidental exposure.
[PROMPT_INJECTION]: The skill facilitates the ingestion of content from external Jira work items, which exposes the agent to indirect prompt injection attacks. • Ingestion points: Untrusted data is retrieved from Jira issue summaries, descriptions, and comments (references: SKILL.md, jira-workitem-commands.md). • Boundary markers: There are no instructions for using delimiters or boundary markers to distinguish retrieved Jira content from agent instructions. • Capability inventory: The skill provides full CRUD capabilities over Jira items, projects, and organization user accounts. • Sanitization: No validation or sanitization mechanisms for the external data are specified.
[DATA_EXFILTRATION]: The skill supports cloning work items across different sites (--to-site) and includes a feedback command (acli feedback) that transmits user-provided summaries, details, and attachments to Atlassian's infrastructure.
[EXTERNAL_DOWNLOADS]: Mentions the official installation guide for the Atlassian CLI binary on the Atlassian developer portal.

acli