atlassian-skills

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs and shows examples of constructing AtlassianCredentials with API tokens passed directly in code/parameters (Agent Mode), which requires the LLM to handle and potentially output secret values verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's core workflow and scripts (e.g., scripts/confluence_pages.py, scripts/confluence_search.py, scripts/confluence_comments.py, scripts/bitbucket_files.py and others) explicitly fetch and return user-generated content from configured Atlassian instances (examples include https://jira.sil.org and https://company.atlassian.net/wiki), and the agent is expected to read and act on that content as part of its workflows (shown in SKILL.md), so untrusted third-party page/comments/files could contain instructions that influence subsequent tool actions.