jira-issue-manager

Fail

Audited by Snyk on Apr 1, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill's usage examples pass a NANGO_SECRET_KEY (an API secret) and connectionId as explicit command-line arguments (e.g., node scripts/... <NANGO_SECRET_KEY> ...), which requires the agent to embed secret values verbatim in generated commands, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's scripts (scripts/get-issue-types.cjs and scripts/get-cloud-id.cjs) fetch JSON from the Nango proxy endpoints (e.g., /proxy/ex/jira/... and /connection/...), which return data from external Jira instances (user-controlled project/issue-type names and descriptions) that the SKILL.md and scenarios explicitly instruct the agent to read and use to map names to IDs and drive the nango-mcp-server_create_issue tool, so untrusted third-party content can directly influence actions.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). The documentation includes multiple literal, random-looking UUIDs used directly in example commands where a secret/key is expected:
      ◦ cf0e919c-5280-4908-9865-0baa6df2eb10 — used in the example as the <NANGO_SECRET_KEY>.
      ◦ 9072b6a9-a672-4b55-9566-f31a191b341d — used as the .
      ◦ efe59576-1147-4e4b-96b5-7615e308a36b — used as a in examples.

These are high-entropy, literal values present in the docs and appear usable as credentials (especially the value passed as NANGO_SECRET_KEY). They are not obvious placeholders, truncated/redacted values, or low-entropy setup passwords, so they meet the definition of secrets to flag.

Note: Numeric IDs like "10001" and "10011" are low-entropy project/issue IDs (not secrets) and are ignored.

Issues (3)

  • W007 (HIGH): Insecure credential handling detected in skill instructions.
  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W008 (HIGH): Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata

  • Risk Level: HIGH
  • Analyzed: Apr 1, 2026, 07:05 PM
  • Issues: 3