Jenkins
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for Jenkins access, but it can use a Jenkins API token to start or stop CI/CD jobs without built-in scoping or confirmation.
Review before installing. If you use it, configure a dedicated least-privilege Jenkins token over HTTPS, require explicit confirmation before build/stop actions, limit which jobs or environments may be controlled, and avoid pulling full console logs unless needed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using a sufficiently privileged Jenkins token could start or interrupt CI/CD jobs, which may deploy code or disrupt pipelines.
The script directly sends POST requests that trigger and stop Jenkins builds, and the artifacts do not show a confirmation step, allowlist, or environment boundary for these high-impact operations.
await request(buildUrl, { method: "POST" }); ... await request(`/job/${encodeURIComponent(job)}/${buildNum}/stop`, { method: "POST" });

Require explicit user approval for build and stop actions, restrict the Jenkins token to least privilege, and consider allowlisting approved jobs or environments.

The skill can act with the Jenkins permissions of the configured user/token.
The script uses a Jenkins API token for Basic Auth. This is purpose-aligned, but the token may carry broad Jenkins permissions and should be scoped carefully.
const JENKINS_API_TOKEN = process.env.JENKINS_API_TOKEN; ... "Authorization": `Basic ${auth}`

Use a dedicated least-privilege Jenkins token, prefer HTTPS Jenkins URLs, and avoid using a highly privileged administrator credential.

Sensitive CI/CD log data could be exposed in the chat or reused by the agent as context.
The console command returns Jenkins console output into the agent-visible result. Build logs may contain secrets, internal details, or untrusted text.
console.log(JSON.stringify({ job: job, build: last ? "last" : buildNum, console: output }, null, 2));

Use the --tail option when possible, avoid retrieving logs that may contain secrets, and treat console output as untrusted text.

Users have less external assurance about the maintainer or upstream source of a tool that can affect Jenkins pipelines.
For a CI/CD automation skill, limited source provenance reduces assurance even though the included script is visible and no remote installer is shown.
Source: unknown; Homepage: none
Review the bundled script before use and prefer a skill with a verifiable source or trusted publisher for production Jenkins access.
