skills/mgiovani/skills/jira-daily/Gen Agent Trust Hub

jira-daily

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM
DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads from ~/.config/.jira/.config.yml to extract the Jira project key. Accessing configuration files in the user's home directory is a sensitive file path access.
  • [COMMAND_EXECUTION]: Shell commands are used to interact with jira-cli and git. Examples include jira issue list and git log, which are executed to gather work activity metrics.
  • [EXTERNAL_DOWNLOADS]: The skill documentation refers to an external repository (github.com/ankitpokhrel/jira-cli) as a required dependency for the skill's functionality.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface:
      • Ingestion points: Untrusted data enters the agent context via Jira ticket summaries, descriptions, and git commit messages processed during the gathering phase.
      • Boundary markers: No explicit delimiters or instructions are used to separate untrusted data from the agent's core prompts when being analyzed by sub-agents in Phase 4.
      • Capability inventory: The skill uses cat for file reading and executes shell commands via the jira and git command-line tools.
      • Sanitization: There is no evidence of sanitization or escaping of the content retrieved from Jira or Git before it is interpolated into prompts for analysis.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 9, 2026, 04:32 PM