opsx-jira-fix-batch
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow that ingests external data from Jira and repository artifacts, which represents a surface for indirect prompt injection.
- Ingestion points: Jira IDs and URLs (SKILL.md) and project artifacts like design.md, tasks.md, and PR/MR diffs read during orchestration.
- Boundary markers: Absent; no specific instructions are provided to the agent to treat external content as untrusted or to use delimiters to separate data from instructions.
- Capability inventory: The skill calls the 'opsx-jira-fix-workflow' skill and performs file writes to repository documents (design.md).
- Sanitization: Absent; no content filtering or validation is specified for the Jira or PR data before it is processed by the agent.
- [SAFE]: No executable scripts, shell commands, or binary files are included in the skill definition.
- [SAFE]: No hardcoded credentials, sensitive file access (e.g., SSH keys, environment secrets), or unauthorized network operations were detected.
Audit Metadata