Project Management
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external project management tools like Jira and GitHub Issues.
- Ingestion points: Backlog items and task updates are imported from external APIs into the agent context in the workflow.
- Boundary markers: There are no instructions to use delimiters or ignore instructions within the imported project data.
- Capability inventory: The agent can perform write actions on project trackers and post to Slack or Teams channels.
- Sanitization: The skill does not specify procedures for sanitizing or validating the content retrieved from external trackers.
Audit Metadata