jira

Fail

Audited by Snyk on Apr 14, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Both links point to a third-party GitHub user and include a direct raw shell installer plus a scoop bucket (which can reference executables); while GitHub is legitimate, piping or running a raw install.sh or adding an untrusted scoop bucket can execute arbitrary code or install unverified binaries, so this is potentially risky unless you verify the repository and script contents and the author's reputation.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). This skill reads and acts on content from external Jira instances (untrusted, user-generated) as shown in SKILL.md and references/commands.md — e.g., "orbit ... jira issue view" exposes issue descriptions, comments and attachment download URLs, and "jira export"/issue download convert and ingest third-party ADF/descriptions and attachments into the agent's workflow — so those external contents could contain instructions that influence subsequent actions.

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Apr 14, 2026, 11:02 PM
Issues
2