atlassian

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
      • Ingestion points: The skill retrieves and processes untrusted data from Jira issues (summaries, descriptions, comments) and Confluence pages (titles, bodies) through scripts/jira.py and scripts/confluence.py.
      • Boundary markers: The retrieved content is injected into the agent's context without explicit delimiters or instructions to disregard any embedded commands within the text.
      • Capability inventory: The skill possesses significant capabilities, including creating, updating, and transitioning Jira issues, and creating or updating Confluence pages via the Atlassian REST API and MCP server.
      • Sanitization: While the skill uses strip_html_tags in scripts/confluence.py and _extract_adf_text in scripts/jira.py to prepare text for display, these methods do not filter or neutralize potentially malicious natural language instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 11, 2026, 06:10 AM