aile-requirement-intake
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted data from external Jira stories which presents an injection surface. • Ingestion points: The
jira_get_issuetool in SKILL.md fetches user-controlled descriptions and acceptance criteria. • Boundary markers: Absent; there are no instructions to the agent to disregard instructions embedded within the Jira content. • Capability inventory: The skill has write access viajira_add_comment, allowing it to post manipulated content back to the platform. • Sanitization: Absent; the content is summarized directly. - Credentials Security (SAFE): The skill correctly mandates that API tokens must be injected via environment variables rather than hardcoded.
Audit Metadata