atlassian-mcp

SUSPICIOUS. The skill’s stated purpose is coherent for Atlassian automation, but its concrete execution path is weaker than advertised: it runs an unpinned third-party MCP server via npx, the installer/example command does not cleanly match the upstream project’s documented path, and it forwards Jira/Confluence API tokens to that external code. No clear malicious exfiltration endpoint is present, so this is not confirmed malware, but the install-trust and credential-forwarding footprint is disproportionately risky for a documentation-style skill.