skills/hainamchung/agent-assistant/jira-issues/Socket

jira-issues

Fail

Audited by Socket on Mar 10, 2026

1 alert found:

Obfuscated File

Obfuscated FileSKILL.md

HIGH

Obfuscated FileHIGH

SKILL.md

The skill aligns with its stated purpose of Jira issue management and uses standard Jira REST API calls authenticated via user-provided credentials. The footprint is proportionate, though credential handling (environment variables) warrants careful handling to avoid leakage in logs or UI. The MCP server path introduces a remote dependency via npm (npx) which should be version-checked and clearly sandboxed. Overall, the skill appears benign with moderate security considerations around credential exposure and dependency provenance.

Confidence: 98%

Audit Metadata

Analyzed At

Mar 10, 2026, 02:52 AM

Package URL

pkg:socket/skills-sh/hainamchung%2Fagent-assistant%2Fjira-issues%2F@d17e3d919a6f3a8af6524e2f0acfd41dfa034d8e