Skill

risk-to-jira-transformer

Converts unstructured risk assessments into structured Jira tickets. Extracts Likelihood, Impact, Mitigation from natural language and generates JSON formatted for Jira API with clear Definition of Done criteria.

Install

npx claudepluginhub rifh2000/claude-grc-engineering. --plugin grc-engineer

Tool Access

This skill is limited to using the following tools:

BashReadGlobWriteEdit

Preview

Converts unstructured risk assessments into structured engineering tickets. Turns "Risk Management" into "Task Management."

SKILL.md

Similar Skills

design-system

Generates design tokens/docs from CSS/Tailwind/styled-components codebases, audits visual consistency across 10 dimensions, detects AI slop in UI.

team-skills-platform

167.4k

ui-demo

Records polished WebM UI demo videos of web apps using Playwright with cursor overlay, natural pacing, and three-phase scripting. Activates for demo, walkthrough, screen recording, or tutorial requests.

team-skills-platform

167.4k

kotlin-patterns

Delivers idiomatic Kotlin patterns for null safety, immutability, sealed classes, coroutines, Flows, extensions, DSL builders, and Gradle DSL. Use when writing, reviewing, refactoring, or designing Kotlin code.

team-skills-platform

167.4k

Stats

Parent Repo Stars0

Parent Repo Forks0

Last CommitApr 18, 2026

Used By2 plugins

Actions

View Source View Plugin View on GitHub View README

Risk-to-Jira Transformer

Converts unstructured risk assessments into structured engineering tickets. Turns "Risk Management" into "Task Management."

Quick Commands

Transform a risk assessment:

node scripts/transform-risk.js "Vulnerability in authentication service discovered during pen test. High likelihood, critical impact. Mitigation: Implement OAuth2 with PKCE." SEC

Transform with custom project:

node scripts/transform-risk.js "<risk description>" INFRA

Input Format

Accepts natural language risk descriptions. Automatically extracts:

Risk Description - What is the risk?
Likelihood - How likely is it to occur? (Low/Medium/High/Critical)
Impact - What is the impact? (Low/Medium/High/Critical)
Mitigation - How to address it?
Affected Systems - Which systems are impacted?

Output Format

Generates JSON formatted for Jira API:

{
  "fields": {
    "project": { "key": "SEC" },
    "summary": "Implement OAuth2 with PKCE for authentication service",
    "description": "...",
    "issuetype": { "name": "Security Task" },
    "priority": { "name": "Critical" },
    "labels": ["security", "authentication", "risk-mitigation"],
    "customfield_10001": "High",  // Likelihood
    "customfield_10002": "Critical",  // Impact
    "customfield_10003": "Implement OAuth2 with PKCE"  // Mitigation
  }
}

Jira Fields Generated

Summary - Concise risk title
Description - Full risk assessment with context
Priority - Based on Likelihood × Impact matrix
Labels - Auto-tagged with relevant categories
Issue Type - Security Task, Bug, Story, etc.
Definition of Done - Clear acceptance criteria
Custom Fields - Likelihood, Impact, Mitigation (if configured)

Risk Scoring

Automatically calculates risk score:

Critical - High/Critical Likelihood × High/Critical Impact
High - Medium Likelihood × High Impact, or High Likelihood × Medium Impact
Medium - Other combinations
Low - Low Likelihood × Low Impact

Example Inputs

"SQL injection vulnerability found in user input validation. High likelihood of exploitation, critical impact on data integrity. Mitigation: Implement parameterized queries and input sanitization."
"Missing encryption on database backups. Medium likelihood of data breach, high impact. Mitigation: Enable encryption at rest for all backup storage."
"Unauthorized access possible due to weak password policy. High likelihood, medium impact. Mitigation: Enforce strong password requirements and MFA."

Prerequisites

Risk description (natural language)
Optional: Jira project key (defaults to SEC)
Optional: Jira API credentials (for direct posting)