jira-cr
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'run_command' tool to execute 'git diff --staged'. This is a standard and expected operation for the skill's primary purpose. The command is static and does not incorporate untrusted user input into the shell string.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted data from external sources.
  - Ingestion points: External data is ingested via the 'getJiraIssue' tool, specifically from the issue's Summary, Description, and Acceptance Criteria fields.
  - Boundary markers: The skill does not use specific delimiters or instructions to prevent the agent from following directives potentially embedded in the Jira ticket content.
  - Capability inventory: The skill has the capability to execute local shell commands (git) and post content back to Jira.
  - Sanitization: No validation or sanitization of the Jira ticket data is performed before it is processed by the AI.