jira-epic-to-stories

Warn

Audited by Socket on Mar 18, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is mostly aligned with its stated Jira automation purpose, but it relies on a non-official third-party CLI that receives Jira credentials and can autonomously create remote issues. Data flows appear consistent with Jira usage and do not show obvious exfiltration or proxy routing, so this is better classified as moderate security risk rather than malicious behavior.

Confidence: 87%Severity: 58%
Audit Metadata
Analyzed At
Mar 18, 2026, 04:14 AM
Package URL
pkg:socket/skills-sh/alauda%2Fagent-skills%2Fjira-epic-to-stories%2F@efd477677397d5d443c91526a3b39f24be423967
Security Audit — socket — jira-epic-to-stories