jira-mcp-server
Verified Safeby ilidaniys
Overview
Allows an MCP client (like Claude Code) to interact with Jira for managing tasks: fetching personal tasks, viewing task details, creating new tasks, and changing task statuses.
Installation
node index.jsEnvironment Variables
- JIRA_BASE_URL
- JIRA_EMAIL
- JIRA_API_TOKEN
- JIRA_ASSIGNEE_ACCOUNT_ID
Security Notes
The server uses environment variables for sensitive credentials (JIRA_EMAIL, JIRA_API_TOKEN), which is a good security practice. There's no use of 'eval' or obvious code obfuscation. Dependencies are standard and widely used. The construction of JQL queries directly embeds parameters (`projectKey`, `status`, `JIRA_ASSIGNEE_ACCOUNT_ID`), which, in theory, could be vulnerable to JQL injection if the client (LLM) were to provide malicious input. However, in the context of an LLM tool, this risk is generally mitigated by careful prompt engineering and the LLM's adherence to tool parameter schemas. Overall, for its intended use as a private integration, it appears reasonably secure.
Similar Servers
mcp-atlassian
Provides an MCP (Model Context Protocol) server for interacting with Atlassian Jira and Confluence APIs, offering tools for content management, search, and workflow automation.
jayrah
A command-line interface, terminal UI, and web interface for managing Jira issues, designed for integration with AI tools like VS Code Copilot.
asana-mcp-railway
This server acts as a Model Context Protocol (MCP) server for Asana, enabling AI agents (like Claude Code/Desktop) to manage tasks and projects in Asana through a comprehensive set of 42 tools.
Jira-MCP-Server
Provides an AI-callable interface (via Model Context Protocol) to manage Jira tasks, sprints, comments, and team workload using OAuth authentication.