skills/jabrena/cursor-rules-java/044-planning-jira/Socket

044-planning-jira

Warn

Audited by Socket on Apr 27, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS: the skill's Jira-focused capabilities are broadly aligned with its purpose, but its trust model is incomplete because it depends on an unspecified `jira` binary while official Atlassian guidance points to `acli`. Credential handling and data flows are mostly proportionate, yet forwarding Jira tokens to an ambiguously sourced CLI and processing untrusted Jira content raise medium risk.

Confidence: 84%Severity: 64%

Audit Metadata

Analyzed At

Apr 27, 2026, 06:08 AM

Package URL

pkg:socket/skills-sh/jabrena%2Fcursor-rules-java%2F044-planning-jira%2F@afe3737f43eb3b40ea3d8c0b3872a645deb36097