← Back to Skills Marketplace
Atlassian Jira by altf1be
by
Abdelkrim from Brussels
· GitHub ↗
· v1.1.3
· MIT-0
397
Downloads
1
Stars
0
Active Installs
5
Versions
Install in OpenClaw
/install atlassian-jira-by-altf1be
Description
Atlassian Jira Cloud CRUD skill — manage issues, comments, attachments, workflow transitions, and JQL search via Jira REST API v3 with email + API token auth.
README (SKILL.md)
Jira Cloud by @altf1be
Manage Atlassian Jira Cloud issues, comments, attachments, and workflow transitions via the REST API.
Setup
- Get an API token from https://id.atlassian.com/manage-profile/security/api-tokens
- Set environment variables (or create
.envin{baseDir}):
JIRA_HOST=yourcompany.atlassian.net
[email protected]
JIRA_API_TOKEN=your-api-token
JIRA_DEFAULT_PROJECT=PROJ
- Install dependencies:
cd {baseDir} && npm install
Commands
Issues
# List issues (optionally filter by project, status, assignee)
node {baseDir}/scripts/jira.mjs list --project PROJ --status "In Progress" --assignee "currentUser()"
# Create an issue
node {baseDir}/scripts/jira.mjs create --project PROJ --type Task --summary "Fix login bug" --description "Users can't log in" --priority High
# Read issue details
node {baseDir}/scripts/jira.mjs read --key PROJ-123
# Update issue fields
node {baseDir}/scripts/jira.mjs update --key PROJ-123 --summary "New title" --priority Low
# Delete issue (requires --confirm)
node {baseDir}/scripts/jira.mjs delete --key PROJ-123 --confirm
# Search with JQL
node {baseDir}/scripts/jira.mjs search --jql "project = PROJ AND status = Open ORDER BY created DESC"
Comments
# List comments on an issue
node {baseDir}/scripts/jira.mjs comment-list --key PROJ-123
# Add a comment
node {baseDir}/scripts/jira.mjs comment-add --key PROJ-123 --body "This is ready for review"
# Update a comment
node {baseDir}/scripts/jira.mjs comment-update --key PROJ-123 --comment-id 10001 --body "Updated comment"
# Delete a comment (requires --confirm)
node {baseDir}/scripts/jira.mjs comment-delete --key PROJ-123 --comment-id 10001 --confirm
Attachments
# List attachments on an issue
node {baseDir}/scripts/jira.mjs attachment-list --key PROJ-123
# Upload an attachment
node {baseDir}/scripts/jira.mjs attachment-add --key PROJ-123 --file ./screenshot.png
# Delete an attachment (requires --confirm)
node {baseDir}/scripts/jira.mjs attachment-delete --attachment-id 10001 --confirm
Workflow Transitions
# List available transitions for an issue
node {baseDir}/scripts/jira.mjs transitions --key PROJ-123
# Move issue to a new status (by transition ID or name)
node {baseDir}/scripts/jira.mjs transition --key PROJ-123 --transition-id 31
node {baseDir}/scripts/jira.mjs transition --key PROJ-123 --transition-name "Done"
Dependencies
commander— CLI frameworkdotenv— environment variable loading- Node.js built-in
fetch(requires Node >= 18)
Security
- Email + API token auth (Basic auth via base64 encoding)
- No secrets or tokens printed to stdout
- All delete operations require explicit
--confirmflag - Path traversal prevention for file uploads
- Built-in rate limiting with exponential backoff retry
- Lazy config validation (only checked when a command runs)
Author
Abdelkrim BOUJRAF — ALT-F1 SRL, Brussels 🇧🇪 X: @altf1be
Usage Guidance
This skill appears to do what it says: a Jira Cloud CLI that uses Basic auth (email + API token). Before installing, consider: (1) Store the API token securely — a .env file contains credentials and should not be committed to source control. (2) Inspect and run the script locally in a trusted environment (it uses Node >=18 and standard npm deps). (3) Deletes require an explicit --confirm flag, but exercise caution when granting any tool access to your Jira instance. (4) If you install on a machine accessible to others or automated agents, treat the JIRA_API_TOKEN as sensitive and rotate it if compromised. If you want extra assurance, review the full scripts/jira.mjs file locally (it currently reads only the declared env vars and contacts the Jira host you provide).
Capability Analysis
Type: OpenClaw Skill
Name: atlassian-jira-by-altf1be
Version: 1.1.3
The skill is a standard Jira Cloud CLI tool for managing issues, comments, and attachments. It uses environment variables for authentication and includes basic security measures such as path traversal checks in `scripts/jira.mjs` and mandatory confirmation flags for destructive operations. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
Capability Assessment
Purpose & Capability
Name/description (Jira Cloud CRUD) align with the requested env vars (JIRA_HOST, JIRA_EMAIL, JIRA_API_TOKEN) and the included CLI code. The declared dependencies (commander, dotenv) and package.json are appropriate for a Node.js CLI. Nothing requested appears unrelated to Jira functionality.
Instruction Scope
SKILL.md instructs installing deps and running the included scripts with explicit commands. The runtime instructions and commands focus on issue/comment/attachment/transition operations and reference only the Jira host and credentials. No instructions ask the agent to read unrelated files or exfiltrate data to unexpected endpoints.
Install Mechanism
There is no install spec (instruction-only) beyond recommending 'npm install' in the repo, and package-lock.json points to official npm registry packages. No remote downloads from arbitrary URLs or archive extraction are present. Risk from install mechanism is low.
Credentials
Required environment variables are limited to the Jira host, email, and API token — appropriate and proportional for authenticating to Jira Cloud. Optional env vars (default project, max results, max file size) are reasonable. The code only reads these Jira-specific env vars (via dotenv).
Persistence & Privilege
The skill is not forced-always; it is user-invocable and allows autonomous invocation per platform defaults (no elevated 'always: true'). The skill does not modify other skills or system-wide settings. It writes/reads only user-specified attachments and expected local .env files.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install atlassian-jira-by-altf1be - After installation, invoke the skill by name or use
/atlassian-jira-by-altf1be - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.3
Declare optional env vars in metadata (JIRA_DEFAULT_PROJECT, JIRA_MAX_RESULTS, JIRA_MAX_FILE_SIZE)
v1.1.2
Fix: align CLI version with package.json
v1.1.1
Fix: replace dynamic env access with explicit named env vars to avoid false positive security flag
v1.0.1
Re-publish with CLI v0.8.0 to fix blocked status
v1.0.0
Initial publish
Metadata
Frequently Asked Questions
What is Atlassian Jira by altf1be?
Atlassian Jira Cloud CRUD skill — manage issues, comments, attachments, workflow transitions, and JQL search via Jira REST API v3 with email + API token auth. It is an AI Agent Skill for Claude Code / OpenClaw, with 397 downloads so far.
How do I install Atlassian Jira by altf1be?
Run "/install atlassian-jira-by-altf1be" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Atlassian Jira by altf1be free?
Yes, Atlassian Jira by altf1be is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Atlassian Jira by altf1be support?
Atlassian Jira by altf1be is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Atlassian Jira by altf1be?
It is built and maintained by Abdelkrim from Brussels (@abdelkrim); the current version is v1.1.3.
More Skills