using-jira-cli

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill manages authentication tokens securely using environment variables and explicitly warns against storing or printing tokens in logs, shell history, or chat context.
  • [SAFE]: The skill uses the jira CLI to interact with Jira. It explicitly instructs the agent to show the exact command and ask for user confirmation before performing any action that changes Jira state (create, edit, delete, etc.), providing a robust safety barrier.
  • [SAFE]: Although the skill processes untrusted data from external Jira issues, the mandatory confirmation rule for write operations protects against indirect prompt injection attacks. Ingestion occurs via jira issue view and jira issue list in SKILL.md; no explicit boundary markers or sanitization are defined, but the capability for modification is gated by human review.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 07:34 AM
Security Audit — agent-trust-hub — using-jira-cli