skills/narumiruna/skills/jira-cli/Gen Agent Trust Hub

jira-cli

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides a secure framework for using the ankitpokhrel/jira-cli tool. It mandates security practices such as avoiding token exposure and requiring user confirmation for data-modifying actions. Additionally, it follow best practices for secret management by instructing the user to use environment variables for credentials.
  • [EXTERNAL_DOWNLOADS]: The documentation points to the official JiraCLI installation guide on GitHub, which is a well-known and trusted source for this utility.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data from external Jira instances.
  • Ingestion points: Data enters the context through jira issue view and jira issue list in SKILL.md.
  • Boundary markers: The skill does not define specific delimiters for Jira content in the agent's context.
  • Capability inventory: The agent can perform various operations via the jira CLI, such as creating, transitioning, or deleting issues as seen in SKILL.md.
  • Sanitization: No explicit filtering or sanitization of the retrieved Jira data is performed.
  • Mitigation: The skill reduces the impact of potential injection by enforcing a "read-only first" workflow and requiring explicit user authorization for any write operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 03:15 PM
Security Audit — agent-trust-hub — jira-cli