managing-jira

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands via the jira CLI to interact with Jira project data. It includes shell loops for bulk operations and uses temporary files in /tmp to handle multi-line issue descriptions.
  • [PROMPT_INJECTION]: The skill has an attack surface for Indirect Prompt Injection because it reads and processes untrusted content from external Jira tickets.
    • Ingestion points: Commands defined in references/cli-reference.md (e.g., jira issue view, jira issue list) retrieve ticket summaries, descriptions, and comments from a remote server.
    • Boundary markers: The skill does not use delimiters or instructions to ignore potential commands embedded within the retrieved Jira data.
    • Capability inventory: The documentation in SKILL.md and references/cli-reference.md demonstrates capabilities to modify the Jira environment, including creating, editing, and transitioning issues.
    • Sanitization: No evidence of sanitization or validation of the fetched Jira content is provided before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 10:17 PM