incident-ingesting

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes untrusted data from external Jira tickets.
      ◦ Ingestion points: The skill retrieves content from the summary, description, comment, and attachment fields of Jira issues via the Atlassian MCP server.
      ◦ Boundary markers: The instructions do not specify the use of delimiters (e.g., XML tags or triple quotes) to isolate the external content within the intake package, nor do they include instructions for the agent to ignore embedded commands.
      ◦ Capability inventory: The agent has access to powerful tools including Bash, Read, Write, and Task, which increases the potential impact of an injection attack.
      ◦ Sanitization: No sanitization or validation logic is defined for the content extracted from Jira before it is handed off to subsequent response phases.
  • [EXTERNAL_DOWNLOADS]: The skill interfaces with the Atlassian MCP server at https://mcp.atlassian.com/v1/mcp. This is a well-known service endpoint used for its intended purpose of Jira integration.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 20, 2026, 03:29 AM