atlassian-rest-ops
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements robust security practices for handling API tokens. It instructs the agent to retrieve tokens from environment variables or local ".env" files and pass them directly to "curl" subprocesses, with explicit rules against printing, logging, or writing the token values to disk.
- [SAFE]: No external dependencies or unverifiable packages are used. The skill performs all operations using local bash and Python scripts (utilizing only the standard library), which significantly reduces the risk of supply chain attacks.
- [SAFE]: Access to local files is strictly limited. The skill is instructed not to perform directory walks or scope resolution when looking for ".env" files, preventing unauthorized file system exploration.
- [SAFE]: Network operations are confined to the user-provided Atlassian site URL. The skill utilizes "curl" for direct REST API calls, avoiding the use of third-party SDKs and maintaining transparency in its network behavior.