dark-factory

The skill presents a coherent, end-to-end autonomous workflow for implementing Jira-driven tasks. However, its high degree of autonomy without explicit user approvals, lack of explicit credential management details, and the involvement of multiple sub-skills create meaningful security and governance risks. It is classified as SUSPICIOUS: capable of legitimate automation but with potential for unintended actions and credential exposure. Recommend adding explicit safety gates (per-action approvals or abort mechanisms), documented credential handling, audit logging, and scoped permission models before deployment in a production environment.