krt-jira-scribe

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls out to an external Jira Server/Data Center instance (see SKILL.md Workflow steps and references/jira-api.md showing REST calls like /rest/api/2/search, /rest/api/2/issue/$ISSUE_KEY, and sprint/transition endpoints) and requires reading issue summaries/descriptions/transitions from that third-party (user-generated) system to decide reuse, creation, and transitions, so untrusted content can materially influence agent actions.