Oathe Security Badge

Is SpillwaveSolutions/jira safe?

https://github.com/SpillwaveSolutions/jira

92
SAFE

This is a legitimate JIRA management skill containing comprehensive documentation and templates for JIRA operations using the Atlassian MCP server. The skill contains no executable code or malicious instructions, only markdown documentation and JSON templates.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (2)

MEDIUM Sensitive files accessed during installation -15

The installation process accessed several honeypot files including .env, SSH keys, AWS credentials, .npmrc, Docker config, and GCloud credentials. However, file integrity checks confirm no data was modified or exfiltrated.

LOW Unknown external network connection -10

During installation, a connection was established to an unknown server at 185.125.188.57:443. While this may be legitimate, the purpose is unclear.