atlassian-jira-confluence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly reads and searches user-generated content from external Jira/Confluence instances (e.g., confluence.cql, confluence.get_page_by_id/get_all_pages_from_space, confluence.scrap_regex_from_page, jira.jql, jira.issue_get_comments) as shown in SKILL.md and references/*, and that content is ingested and can drive follow-up actions (create/update/append pages, create/transition issues), so untrusted third-party content could indirectly inject instructions.