← Back to Skills Marketplace
clairproqc-star

Jira Task Manager

by clairproqc-star · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
124
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install jira-task-manager
Description
Jira automation for JiraATX (project DS). Create, update, comment, transition issues, list To Do tasks, sync repo, execute tasks end-to-end. Triggers: DS-XXX...
README (SKILL.md)

Jira Task Manager Skill

This skill automates common Jira operations.

Resource Locations

  • Jira Configuration: Refer to references/jira.md for Jira URL, credentials, and Google Drive folder ID.
  • Scripts: All automation logic resides in scripts/.

Standard Workflows

1. List To Do Issues

scripts/get_my_todo_issues.py — Returns issues assigned to [email protected] in project DS with status "To Do".

2. Get Issue Details

scripts/get_issue_description.py \x3CISSUE_KEY> — Returns summary and full description.

3. Create Issue

scripts/create_issue.py — Requires: Project Key, Issue Type, Summary. Optional: description template from Google Drive, Priority, Assignee.

4. Update Issue

scripts/update_issue.py — Requires: Issue Key, field, new value. Uses transition IDs for status changes.

5. Add Comment

scripts/add_comment.py — Requires: Issue Key, comment text. Optional: attachment from Google Drive.

6. Get Issue Info

scripts/get_issue_info.py \x3CISSUE_KEY> — Returns current status, assignee, and metadata.

7. Prepare Repo

scripts/sync_repo.py \x3CISSUE_KEY> — Finds repo via references/repos.json, fetches remote, checks out or creates feature/\x3CISSUE_KEY> branch. Reports repo_path and branch. Optional: --branch \x3Cname> to force branch name.

8. Full Task Execution Flow (End-to-End)

Trigger: "work on DS-XXX", "fix DS-XXX", "pick up DS-XXX". Follow steps in order without asking unless blocked.

  1. get_issue_info.py → summarize task, acceptance criteria, subtasks.
  2. Confirm with user — wait for explicit approval before proceeding.
  3. sync_repo.py \x3CISSUE_KEY> → report repo_path and branch. All edits are relative to repo_path.
  4. Read relevant source files before making any changes.
  5. Implement changes. No per-edit confirmations unless scope is ambiguous.
  6. run_tests.py --issue \x3CISSUE_KEY> → fix failures, re-run until passing.
  7. Report: what changed, test results, branch. Stop and wait — do not merge, push, or transition status until user approves.

9. React/Zustand State Persistence Bugs

Trigger: Field reverts after navigation or re-entering a detail page.

  • Sync field updates back to the global store immediately after a successful mutation.
  • Keep per-entity overrides (keyed by entity id) and merge after re-fetch rather than caching the whole object.
  • Audit useMemo/useCallback/useEffect deps for stale closures. Use selector-based Zustand subscriptions for high-traffic components.
  • Apply the smallest safe fix — avoid broadening cache scope unnecessarily.

Important Notes

  • All Jira API interactions will be performed using the credentials stored in references/jira.md.
  • Repo-to-issue mapping and test commands are configured in references/repos.json.
  • For security, ensure JIRA_API_TOKEN is kept confidential.
Usage Guidance
This skill appears to implement Jira and local-repo automation, but there are red flags you should consider before installing: - Hard-coded credentials: The package contains a plaintext JIRA_API_TOKEN and JIRA_EMAIL in references/jira.md and as default values inside many scripts. Do NOT assume those are safe or inert — they may be valid and could expose someone else's account or allow the skill to act without your consent. Ask the publisher to remove embedded secrets and rely only on environment-provided credentials. - Local filesystem and command execution: The scripts scan your workspace, run git commands, and execute repo test commands (subprocess.run). Only install/use this skill in an environment you trust. Prefer running it in an isolated development VM or container if you want to test. - Confirm intended behavior: The SKILL.md says it will wait for user approval before pushing/merging or transitioning issues, but the scripts can perform transitions and updates via the Jira API. Verify the agent's runtime prompts actually occur and that it will not perform irreversible operations without explicit consent. - Remove or rotate exposed credentials: If you control the Jira account referenced, rotate the API token immediately. If you do not, consider the embedded token evidence of sloppy packaging and avoid installing until it's removed. - Verify repository mappings: references/repos.json contains absolute /Users/a/... paths. Ensure these mappings won't point to sensitive paths on your machine, or update them before running. If you need a safer alternative, ask the publisher to produce a version with no embedded secrets, relative repo-paths or a configurable workspace, and explicit checks that require interactive approval before any write/transition operations.
Capability Analysis
Type: OpenClaw Skill Name: jira-task-manager Version: 1.0.0 The skill bundle contains hardcoded sensitive credentials, specifically a Jira API token (ATATT...) and email address, across multiple files including 'references/jira.md' and nearly every script in the 'scripts/' directory. Furthermore, 'scripts/run_tests.py' and 'scripts/find_repo.py' use 'subprocess.run' to execute commands defined in 'references/repos.json' or discovered on the filesystem, which presents a risk of arbitrary code execution if configuration files are tampered with. While these behaviors appear to support the stated automation purpose, the blatant exposure of secrets and the high-risk execution patterns are significant security flaws.
Capability Assessment
Purpose & Capability
Name/description, required env vars (JIRA_API_TOKEN, JIRA_EMAIL), and provided scripts all target Jira and local repo automation — broadly coherent. However, the package also embeds a Jira API token and email in references/jira.md and as defaults inside multiple scripts, which contradicts the declared requirement to provide credentials via environment variables.
Instruction Scope
SKILL.md and scripts instruct the agent to read local source files, scan the user's workspace, run git commands, and execute repo test commands. These actions are consistent with end-to-end development flows but allow filesystem enumeration and arbitrary command execution (via subprocess.run) in the user's repos. The workflow claims to wait for user approval before pushing/transitions, but the scripts are capable of making status transitions and updates with the supplied credentials.
Install Mechanism
Instruction-only (no installer). Scripts rely on typical system tools (python, git, npm, pytest) and the jira Python package. No external downloads or archive extraction present in the install spec.
Credentials
Declared env vars are appropriate for Jira integration. However, the repository contains a plaintext JIRA_API_TOKEN and JIRA_EMAIL in references/jira.md and many scripts provide that token as a default fallback. Embedding a usable API token in shipped files is disproportionate and risky — it may inadvertently expose or reuse another account's credentials.
Persistence & Privilege
always is false, the skill is user-invocable and may be autonomously invoked (platform default). The skill does not request system-wide configuration changes or permanent agent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install jira-task-manager
  3. After installation, invoke the skill by name or use /jira-task-manager
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Jira Task Manager Skill v1.0.0 - Automates common Jira operations: create, update, comment on, transition, and list issues for project DS. - Supports end-to-end task workflows: from issue info gathering through code branch setup, implementation, and testing, with user-approved steps. - Includes scripts for syncing code repositories and integrating issue metadata with repo branches. - Implements troubleshooting for React/Zustand state persistence bugs, with specific practices outlined. - Requires JIRA_API_TOKEN and JIRA_EMAIL for operation; see documentation for full workflow and configuration details.
Metadata
Slug jira-task-manager
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Jira Task Manager?

Jira automation for JiraATX (project DS). Create, update, comment, transition issues, list To Do tasks, sync repo, execute tasks end-to-end. Triggers: DS-XXX... It is an AI Agent Skill for Claude Code / OpenClaw, with 124 downloads so far.

How do I install Jira Task Manager?

Run "/install jira-task-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Jira Task Manager free?

Yes, Jira Task Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Jira Task Manager support?

Jira Task Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Jira Task Manager?

It is built and maintained by clairproqc-star (@clairproqc-star); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments