atlassian-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches Jira issues and Confluence pages from the user's Atlassian Cloud (see Steps 4, 6, 7 and Step 10 "Test the Connection" calling Jira projects API and Confluence search), and then reads and uses those user-generated documents to drive meeting-prep, daily-plan, project-health and task-sync behavior, so untrusted third-party content can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill adds an MCP entry that runs "npx mcp-remote@latest https://mcp.atlassian.com/v1/sse" at runtime, which causes npx to fetch and execute remote package code and connect to the external SSE endpoint https://mcp.atlassian.com/v1/sse as a required dependency for OAuth, so remote content is executed during runtime.