atlassian-integration
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration facilitates the setup of a Model Context Protocol server by downloading the @atlassian/mcp-atlassian package.
- Evidence: Found in the MCP Server Configuration section using npx -y @atlassian/mcp-atlassian.
- [COMMAND_EXECUTION]: The skill provides numerous Bash commands to perform operations across Atlassian products.
- Evidence: Shell scripts throughout the document use curl for API requests and logic for task automation.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its integration with external content sources.
- Ingestion points: Data is retrieved from Jira issue fields, Confluence page bodies, and Bitbucket pull request metadata.
- Boundary markers: The scripts do not employ specific delimiters or instructions to ignore embedded commands in the retrieved data.
- Capability inventory: The skill has access to Bash for command execution and tools for file writing and web fetching.
- Sanitization: No content sanitization is performed on retrieved data before it is presented to the agent.
Audit Metadata