jira
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE NO_CODE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill has an indirect prompt injection surface because it processes untrusted data from Jira fields such as issue descriptions and comments.
  - Ingestion points: Data enters the agent context through jira_get_issue, jira_search, and jira_get_comments tools defined in SKILL.md.
  - Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded commands within the ingested Jira data.
  - Capability inventory: All operations are limited to read-only GET requests to the Jira API.
  - Sanitization: No explicit sanitization or filtering of external content is mentioned in the provided files.
- [NO_CODE] (SAFE): The __init__.py file contains only a docstring and no implementation logic for the tools defined in the YAML frontmatter. The analysis is based on the provided metadata and documentation.
- [CREDENTIALS_UNSAFE] (SAFE): The skill correctly uses environment variables (JIRA_API_TOKEN) for authentication instead of hardcoding secrets.
Audit Metadata