Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Jira and Confluence

v1.0.0

CLI tool for interacting with Atlassian Jira and Confluence

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (Jira & Confluence CLI) match the actions described in SKILL.md (issue/project/user/confluence commands). This functionality reasonably needs a Jira host, a user email, and an API token — but those credentials are not declared in the skill metadata, which is an inconsistency.
Instruction Scope
SKILL.md instructs installing the tool with `npm install -g jira-ai` and creating/using a .env file containing JIRA_HOST, JIRA_USER_EMAIL, and JIRA_API_TOKEN (and then running `jira-ai auth --from-file`). Those instructions are within the tool's stated purpose but explicitly require the agent (or user) to provide sensitive credentials and to run commands that install/run third‑party code.
Install Mechanism (flagged)
The skill has no install spec in the registry, yet the instructions recommend installing a globally-scoped npm package. That means the skill expects software from the public npm ecosystem (source not verified here). The registry should either declare the install or at least declare the external dependency; absence increases risk because the package origin/contents are not validated by the platform metadata.
Credentials (flagged)
SKILL.md requires sensitive environment values (JIRA_HOST, JIRA_USER_EMAIL, JIRA_API_TOKEN), but the declared requirements list zero env vars/credentials. The skill will need secrets to operate, so the registry metadata is incomplete; this mismatch is important because users may not realize that the skill requires, and will access, credentials.
Persistence & Privilege
`always` is false and there is no install hook or code written by the skill itself; it is instruction-only. Autonomous invocation is allowed (platform default) — that is normal, but combined with the credential requirement it raises operational risk (see user guidance).
What to consider before installing
This skill appears to do what it says (manage Jira and Confluence), but there are two red flags you should address before installing or using it:

1) Credentials: The SKILL.md instructs you to create a .env with JIRA_HOST, JIRA_USER_EMAIL, and JIRA_API_TOKEN, but the registry metadata does not list any required credentials. Treat this as an omission — the skill will need those secrets to work. Only provide a token with the minimal required scopes (avoid admin/root tokens), prefer app-specific or limited-scope API tokens, and store them securely (don’t leave plaintext .env on shared machines).

2) Installation source: The instructions tell you to run `npm install -g jira-ai`. The registry did not declare an install mechanism, so the platform didn’t vet or install that package for you. Before running npm install, verify the package and maintainer: check the npm package page and the GitHub repository (commit history, issues, maintainer identity), and prefer installing in a sandboxed environment or container.

If you plan to let an automated agent invoke this skill, be cautious: an agent with access to the token could perform any API actions allowed by the token.

What would increase confidence: the skill metadata listing required environment variables and a verified install spec (e.g., a known GitHub release or a vetted npm package reference), or an included code bundle maintained by the registry so the platform can scan it. If you want, I can list specific checks to run on the npm package and GitHub repo before you proceed.


latest · vk97czvqt0pf2j81ht73j8a7vd5808p2s
