atlassian
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Invokes shell commands to manage Atlassian products.
- Evidence: Uses the
/opt/homebrew/bin/acliexecutable for all Jira and Confluence interactions via shell environment tools. - [PROMPT_INJECTION]: Identifies a vulnerability surface for indirect prompt injection.
- Ingestion points: Untrusted content is ingested from Jira work items and Confluence pages through
acliview and search commands in SKILL.md. - Boundary markers: No delimiters or ignore-instructions are implemented in the skill templates to isolate external data from system instructions.
- Capability inventory: The agent possesses shell execution capabilities and permissions to interact with and modify Atlassian resources.
- Sanitization: No sanitization or validation of the fetched external content is performed before it is added to the agent's context.
Audit Metadata