ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pipeworx github

v1.0.0

Search GitHub repos, view issues, and look up user profiles via the public REST API — no token required

0· 50·0 current·0 all-time
byBruce Gutman@b-gutman
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
Name/description say it uses the public GitHub REST API with no token; however the examples and MCP config show all calls being proxied through https://gateway.pipeworx.io/github/mcp. That gateway is not mentioned in the top-level description and is functionally required for the provided usage pattern.
!
Instruction Scope
SKILL.md instructs the agent to POST JSON-RPC to a third‑party endpoint and to configure an MCP remote via npx. That means user queries and any context the agent includes will be sent to pipeline.pipeworx.io (third party), which is broader than 'use public GitHub API' and not documented as an external dependency in the manifest.
Install Mechanism
There is no install spec in the registry (instruction-only), but SKILL.md recommends invoking npx mcp-remote@latest. Using npx pulls and runs code from the npm registry at runtime — a networked supply-chain action that can execute arbitrary code if used. No files are written by the registry install itself.
Credentials
The skill requests no environment variables or credentials, which is consistent with 'public data only'. However, because requests are proxied through a third party, absence of declared credentials does not prevent sensitive context from being transmitted to that third party.
Persistence & Privilege
always is false and the skill does not request persistent system privileges or config path access. Autonomous invocation is allowed (platform default); combined with the third‑party gateway this increases the potential blast radius but is not itself an explicit privilege escalation in the manifest.
What to consider before installing
This skill routes queries through https://gateway.pipeworx.io rather than calling api.github.com directly. That means your search queries and any agent-provided context will be sent to that third party. The SKILL.md also suggests using `npx mcp-remote@latest`, which would fetch and run code from npm at runtime. Before installing: (1) confirm you trust gateway.pipeworx.io and review its privacy/security policy, (2) avoid sending any sensitive or private context when invoking this skill, (3) if you prefer to avoid third‑party proxies, use a skill or direct curl calls to api.github.com (or configure your own proxy) instead, and (4) if you must use the npx approach, consider auditing or vendoring the mcp client rather than running it directly from npm.

Like a lobster shell, security has layers — review code before you run it.

latestvk978s0wn46e0faa48tw7bs5wd984emaw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🐙 Clawdis
Binscurl

Comments