jira
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect prompt injection surface detected. The skill processes ticket data from an external source (JIRA) which may be controlled by untrusted users.
- Ingestion points:
scripts/get_ticket.tsfetches and extracts text from thefields.descriptionandfields.summaryfields;scripts/list_tickets.tsfetches and displaysfields.summary. - Boundary markers: Absent. The scripts output the raw text of the tickets directly to the console/context without using delimiters or system-level instructions to ignore potential commands embedded in the data.
- Capability inventory: The skill possesses write capabilities including adding comments (
scripts/add_comment.ts) and transitioning ticket statuses (scripts/update_ticket.ts). - Sanitization: Absent. The
extractTextfunction inget_ticket.tsperforms structural extraction of the Atlassian Document Format (ADF) but does not sanitize the string content for malicious instructions.
Audit Metadata