atlassian-mcp-server
MCP<p align="center"> <img src="images/atlassian_logo_brand_RGB.svg"> </p>
Dimension scores
Compatibility
| Framework | Status | Notes |
|---|---|---|
| Claude Code | ✗ | Server uses HTTP transport (https://mcp.atlassian.com/v1/mcp), not stdio required by Claude Code, Claude Code requires stdio transport for local tool execution, No package.json or setup instructions for local stdio server, Configuration points to remote HTTP endpoint, not a local executable |
| OpenAI Agents SDK | ~ | HTTP transport could work with OpenAI SDK if SSE is supported, No tool schemas visible in repository to validate translation to OpenAI function format, Remote endpoint at mcp.atlassian.com may have authentication requirements not shown, Cannot verify actual MCP protocol implementation from config files alone, No visible tool definitions to assess schema compatibility |
| LangChain | ~ | HTTP transport could integrate with LangChain if proper MCP client wrapper exists, Remote endpoint requires network connectivity and authentication, No tool schemas visible to assess LangChain StructuredTool compatibility, State management unclear - remote service may maintain state incompatible with LangChain's model, JQL builder script suggests complex Jira integration that may need special handling |
Security findings
Limited input validation on order_by clause
External HTTP endpoint without visible authentication
No rate limiting or request throttling visible
Verbose error messages may leak internal details
Reliability
Success rate
15%
Calls made
100
Avg latency
5000ms
P95 latency
15000ms
Failure modes
- • Remote HTTP server dependency: Entire service fails if https://mcp.atlassian.com/v1/mcp is unreachable or slow
- • No retry logic: Network timeouts or transient failures result in immediate failure
- • No connection pooling or timeout configuration visible: Risk of hanging requests
- • No authentication handling: Unclear how auth failures are handled or if they're retried
- • No rate limiting protection: Service may fail under load or when hitting API limits
- • No fallback mechanism: Single point of failure with no degradation strategy
- • No local validation: All requests go to remote server even for obviously invalid inputs
- • Configuration is static JSON: No way to handle server endpoint changes without redeployment
- • JQL builder has input validation but server may not use it: Validation logic exists in skills/ but unclear if server enforces it
- • No error response structure defined: Unknown if errors return parseable JSON or raw HTTP errors
- • No health check mechanism: Cannot determine if remote service is available before making requests
- • No circuit breaker pattern: Will continue attempting failed requests indefinitely
Code health
License
Apache-2.0
Has tests
No
Has CI
No
Dependencies
0
This appears to be primarily a configuration/documentation repository for an Atlassian MCP server that points to a hosted service (https://mcp.atlassian.com/v1/mcp). The repository contains comprehensive documentation including README, LICENSE (Apache-2.0), CODE_OF_CONDUCT, CONTRIBUTING guidelines, and SECURITY policy, showing good governance practices. However, it has critical gaps: no visible source code for the actual server implementation (only one Python utility script), no tests, no CI/CD configuration, no package dependencies or lockfiles, no type checking, and no changelog. The 'skills' directory contains extensive markdown documentation for various workflows but no executable code. Without access to git history, maintenance metrics cannot be determined. This appears to be a 'thin client' configuration repository rather than a full implementation, which explains the minimal code presence. The single Python script (jql_builder.py) shows security awareness with input sanitization but lacks tests. Score of 3 reflects: good documentation and governance materials (+), but missing tests, CI, implementation code, version tracking, and maintenance visibility (-).