jira-cli
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill allows the agent to ingest external, potentially untrusted data from Jira tickets which could contain malicious instructions. \n
- Ingestion points: Commands such as
jira issue viewandjira issue listinreferences/commands.mdpull external summaries and descriptions into the agent's context. \n - Boundary markers: There are no instructions or delimiters provided to help the agent distinguish between its own system prompt and the data retrieved from Jira. \n
- Capability inventory: The skill provides significant capabilities to modify Jira state, including creating, editing, and deleting issues, which could be abused if an injection is successful. \n
- Sanitization: There is no mention of sanitizing or validating issue content before it is processed by the agent.
Audit Metadata