atlassian
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes data from external Atlassian resources that are outside the agent's direct control.
  - Ingestion points: Data enters the agent's context through issue summaries and descriptions in scripts/jira.py, and page content in scripts/confluence.py.
  - Boundary markers: The skill does not currently use specific delimiters or protective instructions when presenting retrieved external content to the agent.
  - Capability inventory: The skill allows for significant actions, including creating and updating issues, adding comments, and modifying wiki pages via scripts/jira.py and scripts/confluence.py.
  - Sanitization: Although scripts/confluence.py strips HTML tags for display, there is no validation or filtering mechanism to detect or neutralize instructions embedded in the text fields.
Audit Metadata