MacClaw Copilot CLI

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill matches its stated purpose of using GitHub Copilot CLI, but users should note that it installs an external CLI and reads a local GitHub token file.

This skill appears benign and purpose-aligned. Before using it, verify the Homebrew package, protect the GitHub token file, and avoid sending sensitive code or prompts unless Copilot use is allowed for that data.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

You may install and run code from an external package manager.

Why it was flagged

The skill asks the user to install an external CLI package through Homebrew. This is expected for a Copilot CLI skill, but the package source/version is not pinned in the artifact.

Skill content

brew install copilot-cli

Recommendation

Install only from a trusted Homebrew source and verify that the copilot-cli package is the intended GitHub Copilot CLI tool.

What this means

The CLI will act with the GitHub/Copilot permissions associated with that token.

Why it was flagged

The usage example reads a local GitHub Copilot token file and passes it to the Copilot CLI as an environment variable. This is purpose-aligned, but it uses account credentials that are not declared in registry metadata.

Skill content

COPILOT_GITHUB_TOKEN=$(cat ~/.copilot/github_token.txt) copilot -p "你的问题"

Recommendation

Use a token with the minimum required permissions, keep the token file protected, and avoid running the command in untrusted environments.

What this means

Questions or code you submit may be processed by an external AI provider.

Why it was flagged

The skill is explicitly for using GitHub Copilot CLI to analyze code, which implies prompts or code supplied by the user may be sent to the Copilot service. This is expected for the stated purpose, but data-handling boundaries are not described.

Skill content

Use GitHub Copilot CLI to analyze code.

Recommendation

Do not submit private, regulated, or proprietary code unless your organization permits using GitHub Copilot for that data.