Jira Automation

Pass

Audited by Gen Agent Trust Hub on Jun 3, 2026

Risk Level: SAFE PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted data from Jira issues and interpolates it into templates used for agent reasoning.
    • Ingestion points: Data is pulled from external sources into the bug_template, feature_template, and epic_template structures defined in SKILL.md (fields like {{description}}, {{user_type}}, and {{overview}}).
    • Boundary markers: The templates do not utilize specific delimiters or instructions to prevent the agent from following commands that might be hidden within Jira issue descriptions.
    • Capability inventory: The skill utilizes tools for modifying system state, including jira_create_issue, jira_update_issue, and jira_transition as defined in the frontmatter.
    • Sanitization: There is no evidence of validation or sanitization of external content before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 3, 2026, 02:51 PM