Atlassian aCLI Reference Skill for Jira and Confluence

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Atlassian CLI helper with powerful Jira and admin commands disclosed, but users should be careful with bulk and ownership-changing operations.

Install this only if you want an agent to help operate Atlassian acli with your Jira or admin permissions. Confirm exact targets before bulk edits, ownership changes, deletes, archives, user-management actions, or any use of --ignore-errors/--yes, and protect API tokens or attached files from accidental exposure.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 77% confidence
Finding: Changing filter ownership is an administrative action that can transfer control over shared resources and potentially expose or disrupt workflows if run on the wrong IDs. In a CLI skill meant to guide execution, documenting this command without any warning or confirmation guidance increases the chance of unsafe use, especially with bulk flags like --id, --from-file, and --ignore-errors.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal