github-jira

SUSPICIOUS. The skill’s purpose and capabilities mostly align for JIRA/GitHub project management, and data flows go to official Atlassian endpoints. However, core functionality relies on a non-official third-party jira CLI, one install path has mismatched publisher provenance, and the skill forwards JIRA credentials to that external tool while recommending persistent token storage. This is more risky than a pure documentation skill, but not fundamentally incompatible with its stated purpose.