jira
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system binaries `curl` and `jq` to perform network requests to the Jira API and process the resulting JSON data. These operations are aligned with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests untrusted data from an external source (Jira issues).
  - Ingestion points: Fetches issue summaries, descriptions, and comments via `rest/api/3/search` and `rest/api/3/issue/{id}` in `SKILL.md`.
  - Boundary markers: No delimiters or explicit instructions are used to distinguish external data from agent instructions.
  - Capability inventory: Includes network operations (`curl`) for reading, creating, and modifying resources within the Jira instance.
  - Sanitization: No sanitization or validation of the retrieved content is performed before the data is presented to the agent.
Audit Metadata