jenkins

Warn

Audited by Socket on Mar 25, 2026

2 alerts found:

Alert 1: Anomaly (Security), severity LOW
File: SKILL.md

SUSPICIOUS/HIGH-RISK but not malware. The skill is internally consistent with Jenkins administration and uses official Jenkins endpoints, so it does not show clear credential theft or third-party interception. However, it grants an AI agent admin-equivalent Jenkins Script Console access, supports arbitrary Groovy execution, stores API tokens locally in plaintext, and explicitly advises auto-approving scripts, making the operational risk high even though the purpose is coherent.

Confidence: 87%, Severity: 68%

Alert 2: Security, severity MEDIUM
File: scripts/jenkins_api.py

This module is a Jenkins administrative client that reads local credentials and can execute arbitrary Groovy on a Jenkins controller. The most suspicious element is the hardcoded rewrite of 'jenkins.maxeffort.cn' to IP 47.100.13.75 — this forcibly redirects a configured domain to a specific IP and could be used to exfiltrate credentials or mislead users. The ability to send arbitrary Groovy scripts to the Jenkins script console is a high-risk capability (remote code execution) but is expected for a script-console client; however, combined with forced redirection, it raises supply-chain concerns. The code fragment appears incomplete/corrupted (undefined functions and malformed Groovy payloads). Recommend treating this package as untrusted until the domain-rewrite behavior is explained/removed and the code corrected and audited.

Confidence: 85%, Severity: 70%

Audit Metadata

Analyzed At: Mar 25, 2026, 08:51 AM
Package URL: pkg:socket/skills-sh/verneagent%2Ftiny-skills%2Fjenkins%2F@ac174ad978ccf75313fdda248a508f2a360afc2c