jira

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and included scripts (e.g., SKILL.md commands like "jira issue view PROJ-123 --comments 5" and scripts/jira_context.rb and scripts/jira_fields.rb) explicitly fetch and parse user-generated Jira issue descriptions and comments from a JIRA_URL (remote Jira server) and use that extracted content as agent-readable context that can influence actions (issue transitions, comments, field edits), creating a clear channel for untrusted third-party content to inject instructions.