Model Context Protocol moderate risk

Jira

This Jira MCP server provides a comprehensive suite of tools for managing Jira issues, sprints, and development information, enabling efficient workflow automation.

Connections & Capabilities

Connects To

GitHubGitLabJiraDocker

Capabilities

readwrite

Quickstart

Install

npx @modelcontextprotocol/inspector

Config

{
  "mcpServers": {
    "jira": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "ATLASSIAN_HOST=https://your-company.atlassian.net",
        "-e", "ATLASSIAN_EMAIL=your-email@company.com",
        "-e", "ATLASSIAN_TOKEN=your-api-token",
        "ghcr.io/nguyenvanduocit/jira-mcp:latest"
      ]
    }
  }
}

Exposed MCP Tools (9)

safe

jira_get_issue

Retrieves detailed information about a specific Jira issue.

Read-only operation; no data modification.

moderate

jira_create_issue

Creates a new Jira issue with specified details.

Creates new data; potential for misuse if not properly controlled.

high

jira_update_issue

Modifies an existing Jira issue's details.

Modifies existing data; requires careful validation to prevent errors.

safe

jira_search_issue

Searches for Jira issues using JQL.

Read-only operation; JQL injection risk mitigated by proper sanitization.

moderate

jira_transition_issue

Transitions a Jira issue through its workflow.

Changes issue status; potential for workflow disruption if misused.

moderate

jira_add_comment

Adds a comment to a Jira issue.

Adds data to an issue; potential for spam or inappropriate content.

safe

jira_get_development_information

Retrieves development information (branches, pull requests, commits) linked to a Jira issue.

Read-only operation; no data modification.

moderate

jira_link_issues

Creates a link between two Jira issues, defining their relationship.

Creates relationships between issues; potential for incorrect or misleading links.

moderate

jira_add_worklog

Adds a worklog entry to track time spent on an issue.

Adds data to an issue; potential for inaccurate time tracking.

Safety Assessment

This MCP server offers a balance of read and write capabilities for Jira. While the API token authentication provides a basic level of security, careful consideration should be given to the permissions granted to the token and the potential impact of write operations. It is relatively safe for read-only tasks but requires caution when using write operations.

API token authentication
Granular tool-based access control
No direct shell access
Clear separation of read and write operations

Potential for data modification via write operations
Exposure of Jira instance to AI assistant
Improperly configured JQL queries could expose sensitive data
Reliance on Atlassian's security for API token management
Lack of built-in rate limiting could lead to abuse