skills/atlassian/twg-cli/twg-jira/Gen Agent Trust Hub

twg-jira

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates mutations and administrative tasks via the 'twg' tool suite. These capabilities include creating workitems, transitioning statuses, and modifying Jira configuration. The skill mitigates risks by requiring state checks before updates and explicit user approval for any consequential changes.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. 1. Ingestion points: Data enters via workitem reads and searches in 'references/workitems.md' and 'references/querying.md'. 2. Boundary markers: None are defined to separate untrusted Jira content from instructions. 3. Capability inventory: Significant write access and administration capabilities are described in 'SKILL.md' and 'references/administration.md'. 4. Sanitization: No content sanitization is specified. This is a low-severity risk inherent to processing external ticket data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 09:04 AM
Security Audit — agent-trust-hub — twg-jira