首页龙虾技能列表 › Atlassian Jira by altf1be — 技能工具

🎫 Atlassian Jira by altf1be — 技能工具

v1.1.3

[自动翻译] Atlassian Jira Cloud CRUD skill — manage issues, comments, attachments, workflow transitions, and JQL search via Jira REST API v3 with email + API tok...

1· 300·0 当前·0 累计
by @abdelkrim (Abdelkrim from Brussels)·MIT-0
下载技能包
License
MIT-0
最后更新
2026/4/10
安全扫描
VirusTotal
无害
查看报告
OpenClaw
安全
high confidence
The skill's requirements, instructions, and code are consistent with a Jira Cloud CLI: it only asks for Jira-specific credentials, uses standard npm deps, and its behavior matches the documented purpose.
评估建议
This skill appears to do what it says: a Jira Cloud CLI that uses Basic auth (email + API token). Before installing, consider: (1) Store the API token securely — a .env file contains credentials and should not be committed to source control. (2) Inspect and run the script locally in a trusted environment (it uses Node >=18 and standard npm deps). (3) Deletes require an explicit --confirm flag, but exercise caution when granting any tool access to your Jira instance. (4) If you install on a machi...
详细分析 ▾
用途与能力
Name/description (Jira Cloud CRUD) align with the requested env vars (JIRA_HOST, JIRA_EMAIL, JIRA_API_TOKEN) and the included CLI code. The declared dependencies (commander, dotenv) and package.json are appropriate for a Node.js CLI. Nothing requested appears unrelated to Jira functionality.
指令范围
SKILL.md instructs installing deps and running the included scripts with explicit commands. The runtime instructions and commands focus on issue/comment/attachment/transition operations and reference only the Jira host and credentials. No instructions ask the agent to read unrelated files or exfiltrate data to unexpected endpoints.
安装机制
There is no install spec (instruction-only) beyond recommending 'npm install' in the repo, and package-lock.json points to official npm registry packages. No remote downloads from arbitrary URLs or archive extraction are present. Risk from install mechanism is low.
凭证需求
Required environment variables are limited to the Jira host, email, and API token — appropriate and proportional for authenticating to Jira Cloud. Optional env vars (default project, max results, max file size) are reasonable. The code only reads these Jira-specific env vars (via dotenv).
持久化与权限
The skill is not forced-always; it is user-invocable and allows autonomous invocation per platform defaults (no elevated 'always: true'). The skill does not modify other skills or system-wide settings. It writes/reads only user-specified attachments and expected local .env files.
scripts/jira.mjs:27
Environment variable access combined with network send.
scripts/jira.mjs:13
File read combined with network send (possible exfiltration).
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.1.32026/3/10

Declare optional env vars in metadata (JIRA_DEFAULT_PROJECT, JIRA_MAX_RESULTS, JIRA_MAX_FILE_SIZE)

● 无害

安装命令 点击复制

官方npx clawhub@latest install atlassian-jira-by-altf1be
镜像加速npx clawhub@latest install atlassian-jira-by-altf1be --registry https://cn.clawhub-mirror.com

技能文档

Manage Atlassian Jira Cloud issues, comments, attachments, and workflow transitions via the REST API.

Setup

  • Get an API token from https://id.atlassian.com/manage-profile/security/api-tokens
  • Set environment variables (or create .env in {baseDir}):
JIRA_HOST=yourcompany.atlassian.net
JIRA_EMAIL=you@example.com
JIRA_API_TOKEN=your-api-token
JIRA_DEFAULT_PROJECT=PROJ
  • Install dependencies: cd {baseDir} && npm install

Commands

Issues

# List issues (optionally filter by project, status, assignee)
node {baseDir}/scripts/jira.mjs list --project PROJ --status "In Progress" --assignee "currentUser()"
# Create an issue
node {baseDir}/scripts/jira.mjs create --project PROJ --type Task --summary "Fix login bug" --description "Users can't log in" --priority High
# Read issue details
node {baseDir}/scripts/jira.mjs read --key PROJ-123
# Update issue fields
node {baseDir}/scripts/jira.mjs update --key PROJ-123 --summary "New title" --priority Low
# Delete issue (requires --confirm)
node {baseDir}/scripts/jira.mjs delete --key PROJ-123 --confirm
# Search with JQL
node {baseDir}/scripts/jira.mjs search --jql "project = PROJ AND status = Open ORDER BY created DESC"

Comments

# List comments on an issue
node {baseDir}/scripts/jira.mjs comment-list --key PROJ-123
# Add a comment
node {baseDir}/scripts/jira.mjs comment-add --key PROJ-123 --body "This is ready for review"
# Update a comment
node {baseDir}/scripts/jira.mjs comment-update --key PROJ-123 --comment-id 10001 --body "Updated comment"
# Delete a comment (requires --confirm)
node {baseDir}/scripts/jira.mjs comment-delete --key PROJ-123 --comment-id 10001 --confirm

Attachments

# List attachments on an issue
node {baseDir}/scripts/jira.mjs attachment-list --key PROJ-123
# Upload an attachment
node {baseDir}/scripts/jira.mjs attachment-add --key PROJ-123 --file ./screenshot.png
# Delete an attachment (requires --confirm)
node {baseDir}/scripts/jira.mjs attachment-delete --attachment-id 10001 --confirm

Workflow Transitions

# List available transitions for an issue
node {baseDir}/scripts/jira.mjs transitions --key PROJ-123
# Move issue to a new status (by transition ID or name)
node {baseDir}/scripts/jira.mjs transition --key PROJ-123 --transition-id 31
node {baseDir}/scripts/jira.mjs transition --key PROJ-123 --transition-name "Done"

Dependencies

  • commander — CLI framework
  • dotenv — environment variable loading
  • Node.js built-in fetch (requires Node >= 18)

Security

  • Email + API token auth (Basic auth via base64 encoding)
  • No secrets or tokens printed to stdout
  • All delete operations require explicit --confirm flag
  • Path traversal prevention for file uploads
  • Built-in rate limiting with exponential backoff retry
  • Lazy config validation (only checked when a command runs)

Author

Abdelkrim BOUJRAF — ALT-F1 SRL, Brussels 🇧🇪 X: @altf1be

数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务