jira-cli
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a secure framework for using the
ankitpokhrel/jira-clitool. It mandates security practices such as avoiding token exposure and requiring user confirmation for data-modifying actions. Additionally, it follow best practices for secret management by instructing the user to use environment variables for credentials. - [EXTERNAL_DOWNLOADS]: The documentation points to the official JiraCLI installation guide on GitHub, which is a well-known and trusted source for this utility.
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data from external Jira instances.
- Ingestion points: Data enters the context through
jira issue viewandjira issue listinSKILL.md. - Boundary markers: The skill does not define specific delimiters for Jira content in the agent's context.
- Capability inventory: The agent can perform various operations via the
jiraCLI, such as creating, transitioning, or deleting issues as seen inSKILL.md. - Sanitization: No explicit filtering or sanitization of the retrieved Jira data is performed.
- Mitigation: The skill reduces the impact of potential injection by enforcing a "read-only first" workflow and requiring explicit user authorization for any write operations.
Audit Metadata