Back to skill

Security audit

Jira REST API v3 Commons

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Jira Cloud helper that can make real Jira API calls, so it is appropriate if installed with a carefully scoped Jira token.

Install this only if you want the agent to perform real Jira actions. Use a least-privilege Jira account or token, limit project access where possible, review non-read-only requests before they run, and be cautious with deletes, sprint changes, worklogs, comments, and issue entity properties because those changes persist in Jira.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs the agent to perform real network requests to Jira and not stop at describing the API, but it does not require any user-facing confirmation or warning that issue contents, queries, comments, and other Jira data will be transmitted to an external service. In an agent setting, this can cause unintended disclosure of enterprise data because the model is directed toward execution-first behavior rather than informed consent and data-minimization.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill requires sensitive environment variables for email, API tokens, and bearer tokens, but it does not include strong procedural safeguards around secret exposure beyond 'never print secrets.' In agent-driven shell execution, secrets can still leak through command construction, process listings, debug traces, error output, or transcript capture if the runtime is not carefully controlled.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The guidance recommends storing structured JSON in Jira issue entity properties while explicitly noting that the data is not normally visible in the UI, but it does not warn that this creates hidden metadata on issues. In an agent skill context, this can enable silent persistence of app-controlled data that users and reviewers may not notice, weakening transparency and auditability.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.generated_source_template_injection

User-controlled placeholder is embedded directly into generated source code.

Critical
Code
suspicious.generated_source_template_injection
Location
SKILL.md:148