jira-plan
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted content from external Jira tickets (Summary, Description, Acceptance Criteria), which could contain malicious instructions designed to influence agent behavior.
  * Ingestion points: External data enters the context via the `mcp_jira_getJiraIssue` tool in Step 1.
  * Boundary markers: The instructions lack delimiters or explicit warnings to the agent to ignore potentially malicious instructions embedded within the ticket fields.
  * Capability inventory: The skill utilizes `TodoWrite` to create session tasks and interacts with the Jira environment via MCP tools.
  * Sanitization: There is no requirement for the agent to sanitize or escape the ticket content before generating the implementation plan or todo list.
- [NO_CODE]: This skill provides logical workflows and templates for planning but does not contain or execute any code or scripts.