Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GitHub Automation Pro

v1.0.0

Automate GitHub tasks including advanced issue management, PR analysis, release creation with notes, repo stats, webhook triggers, and email support.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The code and SKILL.md implement GitHub automation (issues, PR analysis, releases) which fits the name. However the package pulls in heavy/odd dependencies (@supabase/supabase-js, puppeteer, node-fetch) that are not obviously required for the stated features; the README/SKILL.md require a GitHub token/license key although registry metadata lists no required env vars — this mismatch is disproportionate and unexplained.
Instruction Scope
SKILL.md contains normal usage examples for GitHub operations but also instructs users to pay USDT to a wallet and contact a Telegram account for a license key. It claims tokens never leave the local environment, yet also states core code is obfuscated — that combination and the off‑platform payment flow broaden the runtime scope and privacy/financial risk for users.
Install Mechanism
There is no install spec in the registry (instruction-only), but the package includes many source files and a package.json listing nontrivial dependencies. Several JS files are intentionally obfuscated (variable mangling), obscuring runtime behavior. Obfuscated source in a credential‑handling skill is a significant risk and reduces ability to audit what the code does.
Credentials
SKILL.md and code clearly expect a GitHub Personal Access Token and a license key, but the registry lists no required env vars or primary credential — a transparency mismatch. The presence of @supabase/supabase-js and node-fetch suggests potential remote network interactions beyond GitHub (e.g., storing or verifying license keys remotely), which would not be proportionate to a minimal GitHub automation library unless explicitly documented.
Persistence & Privilege
The skill does not request always:true and is user-invocable (normal). It could run code with network access and dependencies when invoked. Because core files are obfuscated, it’s harder to confirm the skill won't perform unexpected persistent actions or remote calls during execution — so exercise caution even though no explicit elevated persistence flags are present.
Scan Findings in Context
[javascript-obfuscation] unexpected: Multiple .js files are clearly obfuscated/mangled. While a vendor might obfuscate proprietary code, obfuscation reduces auditability for a skill that handles tokens and license checks.
[undeclared-credentials] unexpected: SKILL.md and code demonstrate use of a GitHub token and a license key, but registry metadata declares no required env vars/primary credential — this is inconsistent and unexpected.
[heavy-external-dependencies] unexpected: package.json lists @supabase/supabase-js, puppeteer, and node-fetch in addition to @octokit/rest. Puppeteer and Supabase are not obviously required for basic GitHub automation and warrant explanation.
[off-platform-payment-instructions] unexpected: SKILL.md instructs users to pay USDT to a wallet address and to contact a Telegram handle for a license key. This is an atypical, high-risk monetization flow that could enable scams and is unrelated to core functionality.
[network-capable-code] expected: The skill legitimately needs to make network/API calls to GitHub. However, because additional network libraries are present, verify whether the code contacts other endpoints besides GitHub (e.g., Supabase or arbitrary URLs).
What to consider before installing
Do not install or trust this skill yet. Before proceeding, ask the publisher for an authoritative source (public repo or verified homepage) and for a clear explanation of why Supabase/puppeteer/node-fetch are needed. Request unobfuscated source or a reproducible build so you can audit network calls and license verification behavior. Never provide your primary GitHub token to untrusted code — if you test, use a least‑privilege or ephemeral token scoped only to a test repository. Treat the USDT/Telegram payment instructions as a red flag; prefer skills from verifiable vendors or the official GitHub Marketplace. If you must evaluate it: run it in a sandboxed VM or container with no sensitive tokens, monitor outbound network connections, and search the code for calls that send data to third‑party hosts (Supabase, custom URLs, Telegram endpoints, or hard‑coded wallet addresses). If the publisher cannot satisfactorily justify obfuscation and external dependencies, avoid using the skill.
