dev-fix
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external, potentially untrusted sources like JIRA tickets and Confluence documentation.
- Ingestion points: JIRA bug reports (Reproduce steps, Expected/Actual results) and Confluence logic/specs are accessed in Step 1 of the workflow.
- Boundary markers: No specific boundary markers or 'ignore' instructions are defined to separate external data from the agent's primary instructions.
- Capability inventory: The skill possesses the capability to modify the filesystem (creating worktrees), implement code changes, and generate pull requests (Steps 2 and 4).
- Sanitization: There is no explicit sanitization or validation of the content retrieved from JIRA/Confluence before it is used to formulate implementation plans or write code.
Audit Metadata