ClawHub

Jira Ops

v1.0.0

Retrieve, analyze, and update Jira tickets directly. Supports MCP-based (recommended) and direct REST API approaches. Trigger phrases: fetch Jira ticket, upd...

0· 75·0 current·0 all-time
byDeonte Cooper@djc00p
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the requested environment variables (JIRA_URL, JIRA_EMAIL, JIRA_API_TOKEN) and the described capabilities (search, fetch, update, transition). Minor inconsistency: SKILL.md recommends installing an MCP client via the 'uvx' tool, but the skill metadata does not declare 'uvx' as a required binary or provide an install spec.
Instruction Scope
SKILL.md only instructs the agent to interact with Jira (via MCP tooling or direct REST API) and to use the declared environment variables. It does not ask the agent to read unrelated files, exfiltrate data to third parties, or access system paths outside the Jira integration context.
Install Mechanism
This is an instruction-only skill with no install spec or shipped code (lowest disk risk). It suggests using 'uvx' to install 'mcp-atlassian==0.21.0' but does not provide an install specification or provenance for that package; if you choose MCP, verify the uvx tool and package source before installing.
Credentials
The three required environment variables (JIRA_URL, JIRA_EMAIL, JIRA_API_TOKEN) are appropriate and expected for a Jira integration. They are sensitive credentials, so least-privilege token scopes and secret storage are advised (the SKILL.md already recommends not hardcoding tokens).
Persistence & Privilege
The skill does not request persistent system presence (always: false), does not modify other skills' configurations, and has no config-path requirements. It is user-invocable and may be called autonomously by the agent (platform default) but that is not unusual for skills.
Assessment
This skill appears to do what it says: read and update Jira issues. Before installing or enabling it, verify the following: 1) Only provide a Jira API token scoped with the minimum permissions needed (prefer read or limited write scopes), store it in a secrets manager or env var, and rotate it if exposed. 2) If you plan to use the MCP path, confirm you trust the 'uvx' tool and the 'mcp-atlassian' package source before installing—the SKILL.md recommends installation but the registry metadata does not declare uvx as a required binary. 3) Remember the agent (if allowed) can perform writes to your Jira project; consider restricting autonomous invocation or using a token with limited update rights for safer testing. 4) If you need higher assurance, request an install spec or package provenance from the publisher and test with a sandbox Jira project first.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🎫 Clawdis
OSLinux · macOS · Windows
EnvJIRA_URL, JIRA_EMAIL, JIRA_API_TOKEN
latestvk977q4k042f2qrz0kdc753wmtn849wm9
75downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
Linux, macOS, Windows
Deonte Cooper@djc00p
latest
Download

Jira Integration

Retrieve, analyze, and update Jira tickets with MCP or direct REST API.

When to Activate

  • Fetching ticket requirements and acceptance criteria
  • Adding progress comments or status updates
  • Transitioning ticket status (To Do → In Progress → Done)
  • Searching for issues via JQL queries
  • Linking PRs or branches to tickets

Setup

Option A: MCP Server (Recommended)

Install mcp-atlassian via uvx:

{
  "jira": {
    "command": "uvx",
    "args": ["mcp-atlassian==0.21.0"],
    "env": {
      "JIRA_URL": "https://YOUR_ORG.atlassian.net",
      "JIRA_EMAIL": "your.email@example.com",
      "JIRA_API_TOKEN": "your-api-token"
    }
  }
}

Get your API token: https://id.atlassian.com/manage-profile/security/api-tokens

Option B: Direct REST API

Set these environment variables:

  • JIRA_URL — Jira instance URL
  • JIRA_EMAIL — Your account email
  • JIRA_API_TOKEN — API token (never hardcode)

MCP Tools

With mcp-atlassian configured:

  • jira_search — JQL queries
  • jira_get_issue — Fetch issue details
  • jira_create_issue — Create new issues
  • jira_update_issue — Update fields
  • jira_transition_issue — Change status
  • jira_add_comment — Add comments
  • jira_get_transitions — List available transitions

Analyzing Tickets

Extract from tickets:

  • Functional requirements — What needs to be built
  • Acceptance criteria — Testable conditions
  • Test types — Unit, integration, E2E
  • Edge cases — Error scenarios, boundary conditions
  • Dependencies — Linked issues, APIs, systems

Updating Tickets

WorkflowJira Action
Start workTransition to "In Progress" + comment branch name
Tests doneComment with test coverage summary
PR createdComment with link, transition if needed
MergedTransition to "Done"

Security

  • Never hardcode API tokens
  • Use environment variables or secrets manager
  • Add .env to .gitignore
  • Rotate tokens if exposed
  • Use least-privilege scopes

Comments

Loading comments...