ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Overlap Check

v1.0.0

Check for existing issues and PRs before creating new ones. Fires automatically when agent intends to file an issue, open a PR, or comment on a thread. Searc...

0· 653·0 current·0 all-time
byDaniel Petrushevskyi@semmyt
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description match its asks: it requires the gh CLI and instructs the agent to run gh repo/view/search/view commands to find duplicates. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
SKILL.md gives narrow, concrete commands (gh repo view, gh search issues/prs, gh issue/pr view) scoped to the target repo and to user decision points. It does not instruct broad data collection, access to unrelated files, or external endpoints beyond GitHub via gh.
Install Mechanism
No install spec or downloadable code is present; this is instruction-only and relies on the existing gh binary, minimizing installation risk.
Credentials
No environment variables, credentials, or config paths are required by the skill. It relies on the gh CLI for authentication, which is a proportional requirement for interacting with GitHub.
Persistence & Privilege
always is false and the skill does not request persistent or elevated system privileges. It does not modify other skills or global agent configs. The agent may invoke it autonomously (default), which is expected for such helpers.
Assessment
This skill is instruction-only and simply runs gh CLI commands to search the target repository for existing issues/PRs. Before installing, ensure you have the GitHub CLI (gh) available and authenticated (gh may use your existing credentials/config to access private repos). Understand that the agent will run gh commands in the current working directory or against the specified OWNER/REPO; it will not exfiltrate secrets or install software. If you are concerned about autonomous runs, note the skill can be invoked by the agent when it decides to file issues/PRs—disable autonomous invocation at the agent level if you want manual control.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🔍 Clawdis
Binsgh
latestvk973f0sdpk0ndjv2h89h8cb01n81cz3p
653downloads
0stars
1versions
Updated 9h ago
v1.0.0
MIT-0
Daniel Petrushevskyi@semmyt
latest
Download

Overlap Check

Before creating a new issue or PR, search the target repo for existing threads that cover the same topic.

When This Fires

  • You are about to run gh issue create
  • You are about to run gh pr create
  • The user asks you to "file an issue", "open a PR", "report this bug", or "submit a fix"
  • You are drafting a comment on an issue or PR you haven't read yet

What to Do

1. Identify the target repo and your topic

Figure out which repo you're targeting. If you're inside a cloned repo, run:

gh repo view --json nameWithOwner -q .nameWithOwner

Summarize what your issue or PR is about in a few keywords.

2. Search for existing threads

Run both searches. Drop filler words (the, a, is, for, with, this, that, when, not, but, and, from) from your keywords.

gh search issues --repo OWNER/REPO "KEYWORDS" --limit 5 --json number,title,state,comments
gh search prs --repo OWNER/REPO "KEYWORDS" --limit 5 --json number,title,state,comments

3. Evaluate matches

Read the titles and comment counts. If any look related:

  • Open the thread: gh issue view NUMBER --repo OWNER/REPO or gh pr view NUMBER
  • Read enough to understand whether your topic is already covered
  • Check if the thread is active, stale, or closed

4. Decide

SituationAction
Existing open thread covers your exact topicComment there instead of creating a new one
Existing closed thread solved itDon't reopen — link to it if relevant
Existing thread is related but differentProceed with new issue/PR, reference the related thread
No matchesProceed normally

5. If you find duplicates, tell the user

Show what you found before proceeding:

Found existing threads that may cover this:
  #13738 — WSL2 clipboard paste broken (16 comments, open)
  #14635 — Paste not working in WSL (3 comments, open)

Should I comment on an existing thread or create a new one?

What NOT to Do

  • Don't skip this check because you're confident your topic is new
  • Don't create a new issue just because existing ones use slightly different wording
  • Don't run expensive analysis — two gh search calls is enough
  • Don't block the user — if they insist on creating a new thread after seeing duplicates, do it

Comments

Loading comments...