bitbucket-automation
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and documentation are focused on legitimate automation of Bitbucket services. No malicious patterns or obfuscation techniques were detected.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process data from external sources (Bitbucket), which presents a potential surface for indirect prompt injection.
  - Ingestion points: Tools such as BITBUCKET_GET_PULL_REQUEST_DIFF, BITBUCKET_LIST_ISSUES, and BITBUCKET_GET_PULL_REQUEST (documented in SKILL.md) read data from external repositories and issue trackers.
  - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious commands within the fetched data.
  - Capability inventory: The skill provides write and delete capabilities, including BITBUCKET_CREATE_PULL_REQUEST_COMMENT, BITBUCKET_DELETE_REPOSITORY, and BITBUCKET_DELETE_ISSUE (documented in SKILL.md).
  - Sanitization: There is no mention of sanitizing or validating the content retrieved from Bitbucket before it is processed by the agent context.
  - Note: This risk is inherent to the primary purpose of the skill and is documented for awareness.
Audit Metadata