jira

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (SKILL.md steps 2–3) runs the local command cubrid-jira-search which fetches issue details from the CUBRID JIRA REST API and then presents that user-generated JIRA content "as-is", meaning untrusted third-party content is ingested and read by the agent and could contain instructions that influence subsequent behavior.