atlassian-itsm

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE; flagged categories: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network operations to external Atlassian instances (Jira and Confluence) using user-provided API tokens. While this is the intended functionality, it involves the transmission of potentially sensitive project and documentation data to external infrastructure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external sources.
      • Ingestion points: Untrusted data enters the agent context through tools such as jira_get_issue, jira_get_issue_comments, confluence_get_page, and confluence_get_page_comments (SKILL.md).
      • Boundary markers: There are no explicit instructions for the agent to use delimiters or boundary markers to isolate retrieved content from its own instructions (SKILL.md).
      • Capability inventory: The skill possesses extensive capabilities including issue creation/modification (jira_create_issue, jira_update_issue), workflow transitions (jira_transition_issue), and document management (confluence_create_page, confluence_update_page, confluence_delete_page) (SKILL.md).
      • Sanitization: No automated sanitization or filtering of external content is described; however, the skill mandates 'human-in-the-loop confirmation' for all write operations as a mitigation (SKILL.md).
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 PM