jira-to-beads

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches JIRA issues from the public SIL JIRA instance via scripts/export_jira_assigned.py (which calls jira_search) and then reads .cache/jira_assigned.json in scripts/create_beads_from_jira.py to use untrusted, user-generated fields (summary, assignee, status, etc.) to decide which issues to create and how to populate/label/assign them, so third-party content can materially influence tool actions.