jira-cli
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
- [COMMAND_EXECUTION]: Provides detailed syntax and examples for executing Atlassian CLI (acli) commands to interact with Jira for searching, viewing, and modifying tickets.
- [PROMPT_INJECTION]: Contains a surface for indirect prompt injection, as it instructs the agent on how to ingest data from external Jira tickets, which may contain malicious instructions.
  - Ingestion points: Ticket content retrieved via 'acli jira workitem search' and 'acli jira workitem view' commands in SKILL.md.
  - Boundary markers: Absent; the documentation does not suggest using delimiters or 'ignore' instructions for external ticket content.
  - Capability inventory: Subprocess execution of the 'acli' command-line tool with permissions to transition, edit, and comment on work items.
  - Sanitization: Absent; no validation or sanitization steps are defined for the data retrieved from Jira before it is processed by the agent.