JIRA Story Point Estimator

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [PROMPT_INJECTION]

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes jira CLI commands (view, list, edit) to interact with JIRA projects. While these are necessary for the skill's primary function, they provide the underlying capability for the agent to modify external data based on analyzed content.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to how it handles external data.
      • Ingestion points: Untrusted data enters the agent context via jira issue view TICKET-KEY as described in SKILL.md when fetching ticket descriptions and acceptance criteria.
      • Boundary markers: The instructions do not define any delimiters or explicit 'ignore embedded instructions' warnings when the agent processes the fetched JIRA content.
      • Capability inventory: The skill has the capability to modify JIRA tickets via jira issue edit, which could be abused if the agent follows malicious instructions found within a ticket description.
      • Sanitization: There is no evidence of sanitization, filtering, or validation performed on the JIRA ticket content before it is processed by the language model.

Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 06:21 PM