← Back to Skills Marketplace

Jira

Name: Jira
Author: pejovicvuk

by Vuk Pejović · GitHub ↗ · v1.0.1 · MIT-0

cross-platform ⚠ suspicious

253

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install atlassian-jira

Description

Manage Jira Cloud issues — search, create, update, comment, transition. Use when user mentions Jira, issues, tickets, sprints, bugs, tasks, or issue keys lik...

README (SKILL.md)

Jira Cloud

Manage Jira Cloud issues via a bash CLI wrapper. No jq required — uses python3 for JSON parsing, which is available in the stock OpenClaw container.

Script location: {baseDir}/jira-cli.sh

Setup

Set these environment variables on your OpenClaw gateway:

ATLASSIAN_URL — your Jira instance (e.g. https://yourcompany.atlassian.net)
ATLASSIAN_EMAIL — the Atlassian account email
ATLASSIAN_API_TOKEN — API token from id.atlassian.com/manage-profile/security/api-tokens

Make the script executable: chmod +x {baseDir}/jira-cli.sh

Commands

Search issues

{baseDir}/jira-cli.sh search "assignee=currentUser() AND status!=Done"
{baseDir}/jira-cli.sh search "project=PROJ AND issuetype=Bug" 50

Second argument is max results (default: 20).

Returns: { total, issues: [{ key, summary, status, priority, assignee, type, created, updated }] }

Common JQL patterns:

My open issues: assignee=currentUser() AND status!=Done
All bugs in project: project=PROJ AND issuetype=Bug
Created this week: project=PROJ AND created >= startOfWeek()
High priority open: project=PROJ AND priority=High AND status!=Done
By status: project=PROJ AND status="In Progress"
Updated recently: project=PROJ AND updated >= -7d

Get issue details

{baseDir}/jira-cli.sh get PROJ-123

Returns: { key, summary, status, priority, type, assignee, reporter, project, description, labels, created, updated, url }

Create issue

{baseDir}/jira-cli.sh create --project PROJ --type Bug --summary "Login fails with unicode email" --description "Steps to reproduce..." --priority High

Required: --project, --summary Optional: --type (default: Task), --description, --priority

Returns: { key, id, url }

Add comment

{baseDir}/jira-cli.sh comment PROJ-123 "Tested on staging — confirmed fixed"

Returns: { id, created, author }

List available transitions

Always check this before transitioning — transition IDs vary per project workflow.

{baseDir}/jira-cli.sh transitions PROJ-123

Returns: { transitions: [{ id, name, to }] }

Transition issue (change status)

{baseDir}/jira-cli.sh transition PROJ-123 31

Second argument is the transition ID from the transitions command.

Assign issue

First look up the user's account ID:

{baseDir}/jira-cli.sh users "jane"

Then assign:

{baseDir}/jira-cli.sh assign PROJ-123 "5b10a2844c20165700ede21g"

Update issue fields

{baseDir}/jira-cli.sh update PROJ-123 --summary "Updated title" --priority High --labels "regression,blocker"

Labels are comma-separated.

List projects

{baseDir}/jira-cli.sh projects

Returns: [{ key, name, type }]

Rules

All output is JSON to stdout, errors to stderr.
Before transitioning, ALWAYS run transitions first to get valid IDs.
Before assigning, ALWAYS run users first to get the account ID.
If a command fails, the error JSON includes the HTTP status code.

Usage Guidance

This skill appears to be what it claims: a simple CLI wrapper around Jira Cloud's REST API. Before installing: (1) only provide a dedicated Atlassian API token with minimal necessary permissions (do not reuse a high-privilege or long-lived token), (2) confirm ATLASSIAN_URL points to your intended Jira instance, (3) run the script in an environment you control (or sandbox) if you are unsure, and (4) note the repository/author is unknown (no homepage provided) — you may want to vet the included jira-cli.sh yourself before supplying sensitive credentials. The script uses embedded python calls to build JSON; avoid passing extremely long or untrusted multiline inputs without review. If you suspect token exposure, rotate the API token immediately.

Capability Analysis

Type: OpenClaw Skill Name: atlassian-jira Version: 1.0.1 The `jira-cli.sh` script contains significant shell-to-python injection vulnerabilities in the `cmd_create`, `cmd_comment`, and `cmd_update` functions. User-provided arguments (such as issue summaries or descriptions) are directly interpolated into `python3 -c` command strings without proper sanitization, which could allow an attacker to execute arbitrary code by crafting malicious input. While the skill's documentation in `SKILL.md` and its overall structure appear to serve a legitimate purpose for Jira management, the insecure implementation of the CLI wrapper poses a high risk of exploitation.

Capability Assessment

✓ Purpose & Capability

Name/description, required env vars (ATLASSIAN_URL, ATLASSIAN_EMAIL, ATLASSIAN_API_TOKEN), and the provided CLI script all align with a Jira Cloud issue-management wrapper. There are no unrelated credentials, binaries, or config paths requested.

✓ Instruction Scope

SKILL.md instructs setting the three Jira env vars, making the script executable, and using the script commands. The runtime instructions and the script operate solely against the Jira REST API and do not read other files, system config, or send data to unexpected endpoints.

✓ Install Mechanism

No install spec — instruction-only plus an included bash script. Nothing is downloaded or installed from external URLs; the script is intended to be placed in {baseDir} and executed. This is a low-risk installation model.

✓ Credentials

Only the three Atlassian-related environment variables are required, which are appropriate for using Atlassian Cloud REST APIs. The script uses those env vars and no other sensitive variables. No unexplained high-privilege tokens are requested.

✓ Persistence & Privilege

always is false and the skill does not request persistent system-level presence or modify other skills or global agent config. The script runs on demand and only performs API calls with the provided credentials.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install atlassian-jira
After installation, invoke the skill by name or use /atlassian-jira
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.1

Added setup documentation

v1.0.0

Initial public release — manage Jira Cloud issues from the command line. - Search, view, create, update, comment on, assign, and transition Jira issues. - Uses environment variables for Jira Cloud authentication. - Outputs all results as JSON for easy parsing. - Includes commands for listing projects, transitions, and users. - No jq required; uses python3 for JSON parsing in the OpenClaw container.

Metadata

Slug atlassian-jira

Version 1.0.1

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 2

Frequently Asked Questions

What is Jira?

Manage Jira Cloud issues — search, create, update, comment, transition. Use when user mentions Jira, issues, tickets, sprints, bugs, tasks, or issue keys lik... It is an AI Agent Skill for Claude Code / OpenClaw, with 253 downloads so far.

How do I install Jira?

Run "/install atlassian-jira" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Jira free?

Yes, Jira is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Jira support?

Jira is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Jira?

It is built and maintained by Vuk Pejović (@pejovicvuk); the current version is v1.0.1.

More Skills