jira-issues
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (MEDIUM): The setup instructions recommend running
npx @anthropic/create-mcp-server jira. This command downloads and executes remote code from the npm registry. While typically safe for official tools, the source and package are not in the predefined trusted list, and npx execution is a high-risk pattern that was downgraded to MEDIUM due to being part of the primary setup. \n- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection as it processes user-provided text for issue summaries and comments without sanitization or boundary markers. \n- Ingestion points:summary,description, andcomment_textparameters inSKILL.md. \n- Boundary markers: Absent in code snippets and instructions. \n- Capability inventory: The skill performs network operations to the Jira REST API to create and modify data. \n- Sanitization: No input validation or escaping is applied to processed strings. \n- [EXTERNAL_DOWNLOADS] (MEDIUM): Relies on the external download of a server package during setup. \n- [COMMAND_EXECUTION] (LOW): Recommends manual execution of shell commands for setting environment variables.
Audit Metadata