Skill v1.0.0
ClawScan security
GitCode PR Audit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 11:52 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill and its included script are coherent with the stated purpose (auditing merged GitCode PRs), request only a GitCode token, have no installation step, and do not exhibit obvious exfiltration or unrelated privileges.
- Guidance
- This skill appears coherent and limited to GitCode PR auditing. Before installing or running: 1) review the bundled scripts (they are included) to ensure no local modifications were made; 2) supply a least-privilege GITCODE_TOKEN (personal access token scoped only to read repositories/PRs); 3) run in an environment where writing the chosen --output path cannot overwrite sensitive files; 4) if you use Windows, note the script invokes PowerShell to read user/system environment variables—if you prefer, set the token only in the process environment before running. If you want higher assurance, run the script on a copy of the repository metadata or in an isolated/test account first.
Review Dimensions
- Purpose & Capability
- ok: Name/description ask for GitCode PR audits and the code/README only use the GitCode API (GITCODE_TOKEN). Requested credential (GITCODE_TOKEN) and behaviors (listing PRs, comments, labels, writing report files) match the declared purpose.
- Instruction Scope
- ok: SKILL.md instructs running the bundled Python script with repository/time arguments. The instructions and script operate on PR data from api.gitcode.com and write Markdown/CSV outputs; they do not request unrelated files or network endpoints. The README explicitly forbids faking results and requires at least one --repo before running.
- Install Mechanism
- ok: No install spec is provided; this is an instruction-only skill with a local Python script that relies only on the standard library. No remote downloads or archive extraction occur.
- Credentials
- ok: Only GITCODE_TOKEN is required and declared as the primary credential. The script attempts to read process env and (on Windows) user/system env via a powershell call—this is consistent with the documented token resolution and appropriate for accessing the GitCode API.
- Persistence & Privilege
- ok: The skill is not always-included and does not request system-wide changes. It writes output files only when the user specifies an --output path and reads a config.json from its own skill root by default; these behaviors are appropriate for a reporting tool.
