Skill v1.0.0
ClawScan security
Jira Expert Brajesh 1 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Apr 25, 2026, 1:45 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to be a legitimate Jira helper, but its runtime instructions assume access to a Jira CLI/instance and credentials that the package does not declare, creating an incoherence you should resolve before installing.
- Guidance
- This skill largely matches its advertised Jira purpose, but it assumes a Jira CLI ('mcp') and Jira access (API/CLI credentials) that are not declared. Before installing or enabling it:
  1. Ask the publisher how the skill authenticates to Jira and whether it requires an 'mcp' binary or an API token, and request exact install steps.
  2. If you must provide credentials, prefer a scoped service account or API token with minimal permissions; avoid full admin tokens.
  3. Review the included Python scripts (jql_query_builder.py and workflow_validator.py) yourself for unexpected network calls or command execution. They appear local, and the truncated comments indicate the code builds queries and validates workflows, but confirm that before the agent runs them.
  4. Test in a non-production / sandbox Jira environment first, especially project creation and bulk operations.
  5. If the source/publisher is unknown or cannot explain credential handling, treat this as higher risk and avoid granting broad credentials or running destructive commands.
Review Dimensions
- Purpose & Capability
- concern: The name, SKILL.md, and included utilities (JQL builder, workflow validator) are coherent with a Jira expert skill. However, the SKILL.md examples invoke a CLI ('mcp jira ...') and describe making project and configuration changes in Jira, yet the skill declares no required binaries, credentials, or install steps, so it implicitly depends on external tooling and credentials that are not declared.
- Instruction Scope
- concern: The instructions explicitly tell the agent to run CLI commands that create, update, and search against Jira (e.g., 'mcp jira create_project' and 'mcp jira search_issues'). They do not ask the agent to read local system files or unrelated secrets, but they assume a configured Jira integration and credentials, which are documented neither in requires.env nor in installation notes.
- Install Mechanism
- ok: No install spec is provided (instruction-only plus bundled Python helpers). That minimizes installation risk because nothing is downloaded or executed at install time; the bundled scripts still run when the agent invokes them, so review them before use. The included Python scripts operate locally and appear to implement query-building and validation logic consistent with the skill's purpose.
- Credentials
- concern: The skill needs Jira access to perform its actions, but requires.env is empty and the primary credential is none. That is disproportionate: project creation and automation management normally require a Jira API token or CLI credentials. The undeclared credential requirement is an unexplained gap and could lead an agent to reuse existing credentials or prompt the user for broadly scoped secrets.
- Persistence & Privilege
- ok: The skill is not marked 'always: true', does not request system-wide config paths, and does not declare autonomous privileged persistence. It appears to be a normal, user-invocable skill without elevated platform privileges.
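A static pre-install check that does what the Guidance above asks in step 3 and makes the gap flagged under Purpose & Capability and Credentials (an 'mcp' binary invoked but never declared, no credential declared) mechanical. This is an added example, not ClawHub's scanner and not code from the skill. It assumes a manifest with a 'requires' object holding env and bins lists and a 'primaryCredential' field (shape inferred from the report's wording), and the SKILL.md, manifest, and helper sources embedded in it are constructed samples, not the real jql_query_builder.py or workflow_validator.py.

```python
"""Pre-install static audit of an agent skill bundle. Added example: not ClawHub's
scanner, not the skill's code. Assumed: a SKILL.md, a manifest with 'requires'
{env, bins} and 'primaryCredential' (shape inferred from the report), and bundled
.py helpers. Every input below is a constructed sample."""
import ast
import re

NETWORK_MODULES = {"socket", "ssl", "http", "urllib", "requests", "httpx", "aiohttp", "smtplib"}
EXEC_CALLS = {"os.system", "os.popen", "os.execv", "subprocess.run", "subprocess.call",
              "subprocess.Popen", "subprocess.check_call", "subprocess.check_output"}
FENCE = "`" * 3
FENCE_RE = re.compile(FENCE + r"(?:bash|sh|shell)?\n(.*?)" + FENCE, re.S)
INLINE_RE = re.compile(r"`([^`\n]+)`")
TOKEN_RE = re.compile(r"^[A-Za-z][\w.-]*$")


def referenced_binaries(skill_md):
    """First word of every command in SKILL.md shell fences and inline code spans (heuristic)."""
    lines = [ln for block in FENCE_RE.findall(skill_md) for ln in block.splitlines()]
    lines += INLINE_RE.findall(FENCE_RE.sub("", skill_md))
    bins = set()
    for line in lines:
        line = line.strip().lstrip("$ ").strip()  # drop a leading shell prompt
        if line and not line.startswith("#") and TOKEN_RE.match(line.split()[0]):
            bins.add(line.split()[0])
    return bins


def undeclared_binaries(skill_md, manifest):
    """Binaries the instructions invoke that the manifest does not declare."""
    return referenced_binaries(skill_md) - set(manifest.get("requires", {}).get("bins", []))


def _dotted(node):
    """'a.b.c' for an Attribute/Name chain, else None."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    return ".".join(reversed(parts + [node.id])) if isinstance(node, ast.Name) else None


def scan_python_source(src):
    """Flag network-module imports and process-spawning calls. Module aliases are
    resolved; from-imports of individual functions (from os import system) are not."""
    tree = ast.parse(src)
    aliases, network, exec_calls = {}, set(), set()
    for node in ast.walk(tree):                          # pass 1: imports
        if isinstance(node, ast.Import):
            for a in node.names:
                aliases[a.asname or a.name] = a.name
                if a.name.split(".")[0] in NETWORK_MODULES:
                    network.add(a.name)
        elif isinstance(node, ast.ImportFrom) and node.module:
            if node.module.split(".")[0] in NETWORK_MODULES:
                network.add(node.module)
    for node in ast.walk(tree):                          # pass 2: calls
        name = _dotted(node.func) if isinstance(node, ast.Call) else None
        if name:
            head, _, rest = name.partition(".")
            canonical = aliases.get(head, head) + ("." + rest if rest else "")
            if canonical in EXEC_CALLS:
                exec_calls.add(f"{canonical}:{node.lineno}")
    return {"network_imports": sorted(network), "exec_calls": sorted(exec_calls)}


def audit_skill(skill_md, manifest, scripts):
    """Findings to settle before installing: undeclared tools, a tool-driving skill
    with no credential declaration, and per-script scan results."""
    invoked = referenced_binaries(skill_md)
    requires = manifest.get("requires", {})
    no_creds = not requires.get("env") and manifest.get("primaryCredential", "none") == "none"
    return {
        "undeclared_binaries": sorted(undeclared_binaries(skill_md, manifest)),
        "credential_gap": bool(invoked) and no_creds,
        "scripts": {name: scan_python_source(src) for name, src in scripts.items()},
    }


# Constructed samples (not the real SKILL.md, manifest or helper scripts).
SKILL_MD = "\n".join([
    "# Jira Expert (constructed sample SKILL.md)", "", "Create a project:", "",
    FENCE + "bash", '$ mcp jira create_project --key OPS --name "Operations"', FENCE, "",
    'Then search with `mcp jira search_issues --jql "project = OPS"`.',
])
MANIFEST = {"requires": {"env": [], "bins": []}, "primaryCredential": "none"}  # assumed shape
LOCAL_HELPER = '''"""Constructed stand-in for a local JQL builder; no I/O."""
def build_jql(project, status=None):
    clauses = [f'project = "{project}"']
    if status:
        clauses.append(f'status = "{status}"')
    return " AND ".join(clauses)
'''
SUSPICIOUS_HELPER = '''"""Constructed example of what the scan must catch."""
import subprocess as sp
import requests

def validate(workflow):
    sp.run(["mcp", "jira", "get_workflow", workflow], check=True)
    return requests.get("https://example.invalid/hook").status_code
'''
```

Calling audit_skill(SKILL_MD, MANIFEST, {"local_helper.py": LOCAL_HELPER, "suspicious_helper.py": SUSPICIOUS_HELPER}) on the constructed inputs reports 'mcp' as undeclared, a credential gap (commands are invoked but neither requires.env nor a primary credential says how they authenticate), a clean result for the local helper, and both the aliased subprocess.run and the requests import in the second helper. The binary extraction is deliberately a heuristic over code spans; treat its output as a list to confirm with the publisher, not a proof either way.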
