jira

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly fetches and interprets user-generated Jira content via the Atlassian MCP calls listed in SKILL.md (e.g., getJiraIssue, getTransitionsForJiraIssue, getJiraProjectIssueTypesMetadata), and those fields (summary/description/transition names) are used to choose transitions, generate branch names, and drive execute-mode actions, so untrusted issue text could materially influence agent behavior.