jira-read
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external Jira issue descriptions and comments, presenting a risk of indirect prompt injection.
  * Ingestion points: Data retrieved via jira_get_issue from the Jira API.
  * Boundary markers: There are no explicit instructions for the agent to treat issue content as untrusted or to ignore embedded instructions.
  * Capability inventory: The skill can write to the local file system for caching and can download binary attachments.
  * Sanitization: The skill implements a MIME type check that restricts the download of text/plain and other text/* attachments to prevent potential script execution or sensitive file retrieval.
- [COMMAND_EXECUTION]: The skill instructions recommend that users manually update shell profiles such as .zshrc or .bashrc to configure the $JIRA_CACHE_DIR environment variable.