JIRA

The name/description match the behavior in SKILL.md and README: viewing, creating, updating, and transitioning Jira issues via either the local `jira` CLI or Atlassian MCP. Optional JIRA_* env vars are appropriate for the documented REST/curl fallback. There are no extraneous credentials, binaries, or unrelated capabilities requested.

SKILL.md instructs the agent to detect backends (running `which jira` or looking for MCP tools) and to fetch issue state before any modification; it also references reading user-provided files (e.g., /tmp templates) and 'research context' for referenced code/PRs. These actions are sensible for a Jira helper, but 'research context' is somewhat open-ended — ensure the agent only accesses resources you expect and that it shows commands/results before making changes (the skill emphasizes this safety behavior).

There is no install spec and no code files — this is instruction-only. That minimizes install-time risk (nothing is downloaded or written by the skill itself). The README points users to official project pages for optional tools (GitHub, Homebrew).

The only environment variables mentioned are JIRA_BASE_URL, JIRA_USER, and JIRA_API_TOKEN and they are documented as optional (used only for REST/curl fallback). Nothing requests unrelated secrets or multi-service credentials.

The skill is not marked always:true and does not request persistent system-wide changes. It documents safety steps (show commands, request approval) before modifications. No evidence it modifies other skills or global agent configuration.