atlassian
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and displays external content from Jira and Confluence.
- Ingestion points: Untrusted data enters the agent context through
scripts/jira.py(retrieving issue summaries and descriptions) andscripts/confluence.py(reading page content). - Boundary markers: The skill does not provide explicit delimiters or instructions for the agent to ignore potential commands embedded within the retrieved Atlassian data.
- Capability inventory: The skill possesses capabilities for network operations (
httpx,urllib.request) to Atlassian APIs and credential management via thekeyringlibrary. - Sanitization: While
scripts/confluence.pycontains a helper to strip HTML tags for readability, no security-focused sanitization or filtering is performed on the incoming text to prevent the agent from interpreting it as instructions.
Audit Metadata