Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nm Egregore Quality Gate

v1.0.0

Orchestrates egregore's QUALITY pipeline stage. Runs convention checks and invokes review skills for each quality step. Supports self-review (pre-PR) and PR-...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (high confidence)
Purpose & Capability (flagged)
The name and description (orchestrate the QUALITY pipeline, run convention checks, invoke review skills) are coherent with the instructions. However, SKILL.md expects access to git and the GitHub CLI (gh), a local conventions/codex.yml, and the ability to run conventions.py and the mapped skills. The registry metadata declares no required binaries, no environment variables, and no primary credential. That mismatch (declaring nothing while expecting repository and GitHub operations) is a substantive inconsistency.
Instruction Scope
The instructions stay within a plausible 'quality gate' scope: they read changed files, load conventions, run convention checks, invoke the mapped review skills, attempt auto-fixes, commit the changes, and post GitHub reviews. These steps include repository modification (commits and pushes) and network activity (gh api). Both are expected for this purpose, but they are sensitive actions and should be constrained by declared requirements and safeguards.
Install Mechanism
Instruction-only skill (no install spec, no code files). Install risk is low because nothing is downloaded or written by an installer. The runtime risk depends entirely on what the agent executes per SKILL.md (git, gh, conventions.py), not on an installer.
Credentials (flagged)
The skill requires implicit access to GitHub (to run `gh pr diff` and `gh api`), git commit and push capability, and the ability to run conventions.py, yet it declares no environment variables or credentials. Posting reviews and committing fixes normally require GitHub credentials, or a configured gh CLI with write permission on the repository. The absence of declared credentials is disproportionate to the access actually needed and obscures it.
Persistence & Privilege
always:false (no forced inclusion). The skill can be invoked autonomously (the platform default) and, if invoked, may write to the repository and call GitHub APIs. Autonomous invocation alone is not a fault, but combined with the missing credential declarations it increases operational risk and warrants careful permissioning.
What to consider before installing
Before installing, verify these items:
(1) Confirm that git, the GitHub CLI (gh) and a Python runtime are available where the agent will run. SKILL.md implicitly requires them, but the skill metadata does not declare them.
(2) Decide what credentials the skill will use. Posting reviews and committing fixes require GitHub authentication and likely push permission; use a least-privilege token, or ensure gh is configured with appropriate, auditable credentials.
(3) Verify the presence and contents of conventions/codex.yml and conventions.py in the repository and confirm what they do.
(4) Inspect every mapped skill (pensive:unified-review, conserve:unbloat, sanctum:update-tests, etc.), because this orchestrator will invoke them and they may run arbitrary code.
(5) If possible, run the skill first in a dry run, or on a fork or a CI job with restricted permissions.
If you require the registry metadata to be accurate, ask the publisher to explicitly list the required binaries and any environment variables or permissions the skill needs.
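As an added example, not part of this skill, of ClawHub or of the scan output: a POSIX sh preflight that mechanises items (1) to (3) above. It checks that git, gh and python3 are on PATH, that the repository checkout contains a non-empty conventions/codex.yml and a conventions.py (the file names come from the scan text; their contents are not checked beyond existence), and, when gh is installed, prints the login and token-scope lines from `gh auth status` so the granted scopes can be compared against the least-privilege set you intend. The function names, the PREFLIGHT_REPO variable and the choice of python3 as the Python binary are this example's own assumptions.

```sh
#!/bin/sh
# Pre-install preflight for an instruction-only skill that implicitly needs
# git, gh and Python. Example code; not the skill's own and not ClawHub's.

# Print each named binary that is not on PATH, one per line.
# Returns 0 when all are present, 1 otherwise.
missing_bins() {
    _missing=0
    for _b in "$@"; do
        if ! command -v "$_b" >/dev/null 2>&1; then
            echo "$_b"
            _missing=1
        fi
    done
    return $_missing
}

# Check that the checkout at $1 has the files SKILL.md reads and runs:
# conventions/codex.yml (must be non-empty) and conventions.py.
# Prints one line per problem; returns 0 only when both checks pass.
preflight_repo() {
    _root=$1
    _rc=0
    if [ ! -s "$_root/conventions/codex.yml" ]; then
        echo "missing or empty: conventions/codex.yml"
        _rc=1
    fi
    if [ ! -f "$_root/conventions.py" ]; then
        echo "missing: conventions.py"
        _rc=1
    fi
    return $_rc
}

# Show how gh is authenticated. `gh auth status` prints a "Token scopes"
# line for token logins; review it against the permissions the skill needs
# (posting reviews, committing and pushing). Returns 1 if gh is absent.
gh_auth_report() {
    if ! command -v gh >/dev/null 2>&1; then
        echo "gh not installed"
        return 1
    fi
    gh auth status 2>&1 | grep -i -E 'logged in|token scopes|not logged' || true
}

# Run the whole preflight against a checkout; non-zero exit on any failure
# so it can gate a CI job before the skill is ever invoked.
preflight() {
    _rc=0
    echo "== required binaries =="
    missing_bins git gh python3 || _rc=1
    echo "== repository files =="
    preflight_repo "${1:-.}" || _rc=1
    echo "== gh authentication =="
    gh_auth_report || _rc=1
    return $_rc
}

# Usage: PREFLIGHT_REPO=/path/to/checkout sh preflight.sh
if [ -n "${PREFLIGHT_REPO:-}" ]; then
    preflight "$PREFLIGHT_REPO"
fi
```

The script only reports; it does not install anything or create credentials. A passing run tells you the implicit requirements are met on this host, not that conventions.py or the mapped skills are safe, which remains items (4) and (5).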

Like a lobster shell, security has layers — review code before you run it.

latest: vk972bmdn3ht3tn9t3wzfcsv6m184pjh2


Runtime requirements: 🦞 Clawdis
