atlassian
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: The skill retrieves dynamic content from Jira (issue summaries, descriptions, comments) and Confluence (pages, blog posts) which are considered untrusted external inputs.
- Boundary markers: The skill does not implement specific delimiters or 'ignore embedded instructions' markers to separate fetched data from agent commands.
- Capability inventory: The skill possesses the capability to execute shell commands via
acli, modify issue statuses, and write to the local filesystem, which could be misused if a malicious instruction from a fetched issue is followed by the agent. - Sanitization: No sanitization or validation of external content is specified in the skill's instructions.
Audit Metadata