jira-data-center

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md instructs the agent to send requests to https://unify.apideck.com/proxy with an x-apideck-downstream-url and states "Apideck ... returns Jira Data Center's raw response," meaning the agent will fetch and interpret user-generated Jira issue/comments (untrusted third-party content) as part of its workflow, which could contain instructions that influence subsequent actions.