atlassian
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted content from external Atlassian Jira and Confluence instances.
  - Ingestion points: Untrusted data enters the agent context through API responses from Jira issue retrieval (Get Issue, Search Issues) and Confluence page/comment retrieval (Get Page, List Pages, Get Comments) as defined in SKILL.md.
  - Boundary markers: The skill instructions do not define clear delimiters or include warnings to the agent to distinguish potentially malicious instructions embedded within the retrieved Jira or Confluence content.
  - Capability inventory: The skill has the capability to perform authenticated HTTP requests via curl to create or modify Jira issues and Confluence pages, which could be abused if an injection is successful.
  - Sanitization: There is no evidence of input validation or sanitization of content retrieved from the external API before it is processed.
Audit Metadata