Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Auto Pr Merger
v1.0.0
Automatically checks out a GitHub PR, runs tests, retries fixes if tests fail, and merges the PR upon successful tests.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (high confidence)

Purpose & Capability
The code implements checkout, test, fix, and merge behavior that matches the description. However, it also includes automatic calls to an external LLM (Gemini) for conflict resolution and fixes. The registry metadata declares no required credentials or primaryEnv, yet the code requires GEMINI_API_KEY to function. The skill's outward description (SKILL.md) mentions 'placeholder/mock fix logic' but the code performs real LLM-based fixes — a mismatch.
Instruction Scope
SKILL.md instructs use of gh CLI and Node and describes the high-level workflow, but omits that failing-file contents and files with merge conflict markers are sent to a remote LLM. The runtime code reads repository files and will transmit their contents (and any text from .env it finds) to the Gemini API. This is scope creep relative to the SKILL.md disclosure and can leak sensitive code/credentials.
Install Mechanism
No install script or external downloads are present; the package is instruction + a small Node script with a single dependency (minimist). There is no high-risk installer or remote archive extraction.
Credentials
The skill attempts to obtain GEMINI_API_KEY from process.env or by searching .env files in the workspace and parent directories — but the registry metadata lists no required env vars. Reading .env files outside the repository root increases the chance of exposing unrelated secrets. The skill will include repository source and conflicted file contents in requests to the external LLM, which is disproportionate unless the user knowingly provides and consents to sending code to that service.
Persistence & Privilege
The skill performs privileged Git operations (commit, push, merge, delete branch) via the authenticated gh/git client. It does not request always:true or modify other skills. The ability to push/merge is expected for a PR merger tool, but combined with undeclared external network calls and secret access this raises practical risk: a compromised/buggy run could push undesired changes or leak data.
What to consider before installing
This skill will automatically checkout PRs, run tests, attempt fixes, and merge — and it calls an external Gemini LLM to generate fixes and resolve merge conflicts.

Important points before installing or running:
1) The code tries to load GEMINI_API_KEY from environment or from .env files in the workspace and parent directories — that means it can read and use secrets from nearby .env files without that being declared.
2) File contents (including failing files and conflicted files) are sent to the remote Gemini API, which could leak proprietary code or secrets.
3) SKILL.md claims fixes are 'placeholder/mock' but the code performs real LLM calls — ask the author to correct documentation.

Recommended actions: run the script only in a safe/test repository (no real secrets), inspect the full index.js (you have it), and either supply a dedicated GEMINI_API_KEY with minimal scope or remove/disable LLM calls.

Ask the publisher to:
(a) declare GEMINI_API_KEY in requires.env/primaryEnv,
(b) stop searching parent directories for .env,
(c) add an explicit dry-run mode and explicit confirmation before pushing/merging, and
(d) document exactly what is sent to the external API.

If you cannot verify these changes, do not run this against production repositories or with credentials that have push/merge rights.
Latest version: vk97ba7s9j2ap8jnpxpmyx76jhn81amme
