jira
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted data from Jira tickets that could contain malicious instructions intended to influence agent behavior. Ingestion points: Ticket content retrieved via `acli jira workitem view` and `acli jira workitem search` in SKILL.md. Boundary markers: Absent; no instructions are provided to the agent to treat external ticket content as data only. Capability inventory: Extensive Jira management including creation, modification, and deletion of work items. Sanitization: Absent.
- [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands using the `acli` tool. It includes capabilities to read local files via flags like `--from-file`, which could be exploited to access sensitive local data if the agent is misled by malicious user input or untrusted ticket content.
Audit Metadata