Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

About using Rovo Agents

Lucas Oliveira
Lucas Oliveira
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 8, 2025

From what I gather, the agent doesn't seem fully assertive, since even when the instructions are changed, it can still pull in information beyond the specified data source. While it does check user permissions, the issue is that the agent can still share text-based information even when the user isn’t allowed to access the original content. The user just can't open the actual page, but they still receive details from it — which defeats the purpose if we want to enforce strict access controls.

During my tests, I also noticed that users can get information from restricted Confluence spaces by simply asking other Rovo agents in the company, even if they don’t have access to that space themselves.

Another point is that there doesn't seem to be any restriction on who can access the agents themselves — it looks like everyone in the company can find and use any agent that’s been created.

Is there any official place where we can suggest improvements or share feedback?
Right now, the agent’s behavior makes it hard to justify using it with a knowledge base if it doesn’t strictly respect the data boundaries — or if it exposes info to users who shouldn't have access to the source.

Answer
Watch
Like Mia Tamm likes this
50 views

2 answers

0 votes
Mia Tamm
Mia Tamm
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 9, 2025

Hi @Lucas Oliveira ,

Thanks for sharing your detailed observations. As @Kian Stack Mumo Systems mentioned, the Rovo project page on Atlassian Jira is the right place to raise this. There’s already an open feature request to hide agents from users, but your point about agents returning text from restricted pages isn’t listed there and it’s definitely something Atlassian would want to review.

I’d recommend opening a separate ticket describing exactly what you’ve tested (without including sensitive data) so the team can confirm if this is intended behavior or a bug. That will also make it easier for others to track and vote on it.

— Mia Tamm from Simpleasyty

Reply
0 votes
Kian Stack Mumo Systems
Kian Stack Mumo Systems
Community Champion
August 8, 2025

@Lucas Oliveira, welcome to the community! 

I would start by taking a look at the Rovo project on the Atlassain Jira. From a quick search, I actually see that there is an open feature request to hide agents from users. I didn't see anything about Rovo providing text from restricted pages, but that does sound like an issue Atlassian would want to be made aware of! I would submit a ticket in there as a bug or an improvement. 

 

Thanks, 

Kian

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security