Jira

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it uses your Jira API token to search Jira and make requested issue, comment, status, assignment, and worklog changes.

Install only if you trust the skill source and are comfortable giving it a Jira API token. Use a least-privilege Jira account or token, set JIRA_BOARD where practical, and review commands that create issues, change status, assign users, add comments, or log work because those changes persist in Jira.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill exposes state-changing commands such as status changes, assignment, comments, issue creation, and worklog logging without an explicit warning that these actions modify live Jira data. In an agent context, this increases the risk of accidental or unauthorized changes because a user may interpret the skill as read-only or low-risk and invoke destructive or audit-relevant operations without adequate confirmation.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: Issue-mutating commands such as create, transition, assign, comment, and log work execute immediately with no confirmation, dry-run mode, or high-signal warning. In an agent setting, this increases the chance of accidental state changes from prompt misunderstanding, ambiguous inputs, or unsafe tool invocation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal