jira-browser-fetch
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script fetches Jira issue data (JSON, HTML, XML) and attachments from the user-specified Atlassian server or the JIRA_SERVER environment variable.
- [DATA_EXFILTRATION]: The skill extracts browser session cookies using the Chrome DevTools protocol. This is a high-privilege operation used here to bypass SSO limitations. The cookies are used locally for authenticating fetch requests to Jira and are not exfiltrated to any third-party telemetry or collection servers.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it retrieves and saves content from an external source (Jira). If a Jira ticket contains malicious instructions, they could be processed by the agent during the archival task.
  - Ingestion points: Jira REST API responses (issue.json), rendered HTML (issue.html), and XML views (issue.xml) saved in scripts/jira-browser-fetch.js.
  - Boundary markers: No specific delimiters or 'ignore' instructions are used to separate fetched Jira content from agent instructions in the output files.
  - Capability inventory: The skill can perform network requests (fetch) and file system writes (fsp.writeFile) to any path specified by the user.
  - Sanitization: The skill performs basic filename sanitization (safeName) for attachments in scripts/lib.js but does not sanitize the text content of the Jira issues.
Audit Metadata