Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Fetch Pr Feedback
v1.1.4
Fetch review comments from a PR and evaluate with receive-feedback skill
⭐ 0 · 36 · 0 current · 0 all-time
by Kevin Anderson (@anderskev)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious · Confidence: high
Purpose & Capability
The skill's stated goal is to fetch PR review comments and evaluate them with another skill. Its runtime instructions invoke gh and jq and expect an authenticated GitHub CLI session, yet the registry metadata declares no required binaries or environment variables. Declaring no requirements is inconsistent with what the SKILL.md actually needs.
Instruction Scope
The SKILL.md stays within the stated purpose: it fetches issue and review comments, strips noise via jq filters, groups by reviewer, and prepares a document for another skill. It writes temporary jq scripts to /tmp and reads $ARGUMENTS and GH API output. There are no instructions to read unrelated local files or to send data to unexpected external endpoints, but it will use whatever GitHub credentials are available to the gh CLI.
Install Mechanism
This is an instruction-only skill with no install spec or code files, which is lower risk. Nothing will be downloaded or written permanently by an installer step.
Credentials
The skill does not declare required environment variables, yet it relies on the gh CLI being present and authenticated, which implicitly uses the user's stored GitHub credentials and config. That means the skill runs with whatever GitHub access the user's CLI already has. The absence of an explicit requirement for GitHub credentials, or for gh and jq, is an inconsistency that could surprise users.
Persistence & Privilege
The skill is not always-enabled (always: false) and is user-invocable only; disable-model-invocation is true, which prevents the model from invoking it autonomously. That limits its blast radius and is appropriate for a tool that reads user GitHub data.
What to consider before installing
Before installing or running this skill:
1. SKILL.md requires the GitHub CLI (gh), jq and an authenticated gh session, but the skill metadata does not declare those requirements. Confirm gh and jq are installed and that your gh CLI is authenticated.
2. The skill will use your existing gh CLI credentials to read PRs, issues and user info. Run it only if you are comfortable with that access, or test with a low-privilege account or repository.
3. Ask the author to update the skill metadata to list the required binaries (gh, jq) and to document any required GitHub token scopes.
4. The instructions create temporary files in /tmp and truncate long comments. Review the full SKILL.md (the copy shown here appears truncated) and confirm how it calls the receive-feedback skill and what data that downstream skill will receive.
5. If you need a stricter review, request a complete SKILL.md and an explicit list of required binaries and environment variables from the publisher.
Like a lobster shell, security has layers: review code before you run it.
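A pre-flight script covering points 1, 2 and 4 above, added here as an example for this page; it is not the skill's own SKILL.md and not ClawHub code. It checks that gh and jq are on PATH, that gh is authenticated, classifies the token the skill would run under (so you can prefer a fine-grained read-only PAT exported as GH_TOKEN, which gh honours over the stored login), validates the PR reference before it reaches gh, and creates a private mktemp directory instead of fixed names under /tmp. The function names, the `--run` flag and the `prfeedback.XXXXXX` template are this example's own choices; the `github_pat_` and `ghp_` prefixes are GitHub's documented token formats.

```shell
#!/bin/sh
# Pre-flight checks before running an instruction-only skill that shells out
# to gh and jq with whatever GitHub credentials the CLI already holds.
# Added example for this page, not part of the Fetch Pr Feedback skill.
# Assumptions: gh honours GH_TOKEN over the stored login; fine-grained PATs
# start with "github_pat_" and classic PATs with "ghp_".

# Return 0 if a binary is on PATH, 1 otherwise.
require_bin() {
    command -v "$1" >/dev/null 2>&1
}

# Report every missing binary on stderr; return the number missing (0 = all present).
check_bins() {
    missing=0
    for b in "$@"; do
        if ! require_bin "$b"; then
            echo "missing: $b" >&2
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Classify a token so a reviewer can see whether the skill would run under a
# narrowly scoped fine-grained PAT or a broad classic one.
token_kind() {
    case "$1" in
        github_pat_*) echo fine-grained ;;
        ghp_*)        echo classic ;;
        '')           echo none ;;
        *)            echo other ;;
    esac
}

# Accept only a bare PR number or a github.com pull URL ending in a number,
# so nothing else from $ARGUMENTS reaches gh or jq unvalidated.
pr_ref_ok() {
    case "$1" in
        ''|*[!0-9]*)
            case "$1" in
                https://github.com/*/*/pull/*)
                    n=${1##*/}
                    case "$n" in ''|*[!0-9]*) return 1 ;; *) return 0 ;; esac ;;
                *) return 1 ;;
            esac ;;
        *) return 0 ;;
    esac
}

# Private scratch directory (mode 0700) instead of a fixed path under /tmp,
# so another local user cannot pre-create or swap the jq script written there.
safe_tmpdir() {
    d=$(umask 077 && mktemp -d "${TMPDIR:-/tmp}/prfeedback.XXXXXX") || return 1
    echo "$d"
}

# True when gh can reach GitHub with the current credentials
# (GH_TOKEN, if exported, takes precedence over the stored login).
gh_authenticated() {
    require_bin gh && gh auth status >/dev/null 2>&1
}

# Run every check against one PR reference; non-zero means do not proceed.
preflight() {
    check_bins gh jq || return 1
    gh_authenticated || {
        echo "gh is not authenticated; run 'gh auth login' or export a scoped GH_TOKEN" >&2
        return 1
    }
    echo "token: $(token_kind "${GH_TOKEN:-}")"
    pr_ref_ok "${1:-}" || { echo "refusing PR reference: '${1:-}'" >&2; return 1; }
    tmp=$(safe_tmpdir) || return 1
    echo "scratch dir: $tmp"
}

# Usage: sh preflight.sh --run 123
#    or: sh preflight.sh --run https://github.com/<owner>/<repo>/pull/123
if [ "${1:-}" = --run ]; then
    shift
    preflight "$@"
fi
```

If `token` prints `classic`, the skill would run with a PAT that can carry every scope the account has; exporting a fine-grained token limited to read access on pull requests for the one repository before invoking the skill is the low-privilege setup point 2 asks for.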
latest: vk97fytejfr0r2eqwx8yamqk7f983xxb0
