ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

script creator with github companion

v1.0.0

Create and modify scripts in ~/.nanobot/workspace/test with strict Git versioning. Each script lives in its own directory with an isolated git repository. Al...

0· 592·0 current·0 all-time
by@cadot-eu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill name/metadata imply a GitHub companion, but the SKILL.md contains no GitHub remote, authentication, or push/pull steps — it only initializes and uses local git repositories. The metadata lists no required binaries or environment variables, yet the runtime instructions require git, a shell with 'source' available, Python and pip (and an existing virtualenv at ~/.nanobot/workspace/venv). These omissions are incoherent: a script/git manager should declare git/python/pip as required or explain how to proceed if absent, and the 'GitHub' claim should be reconciled with the lack of GitHub actions or credentials.
Instruction Scope
The SKILL.md is explicit and tightly scoped to operations inside ~/.nanobot/workspace/test and to using the specified virtualenv. It mandates user confirmation before creating/modifying files and forbids touching files outside the target directory. However, it instructs performing pip installs into the venv (which will fetch and execute code from package indexes), and it does not specify behavior if the venv or git are missing. These are reasonable for a local development tool but are important security/operational considerations the metadata doesn't surface.
Install Mechanism
This is an instruction-only skill with no install spec and no files to write during install, which minimizes install-time risk. There are no downloads or external install URLs in the package metadata to review.
Credentials
The skill requests no environment variables or credentials, which aligns with a local-only tool. That said, the instructions implicitly require access to git and possibly user git configuration; if a true 'GitHub companion' feature exists, it would require GitHub credentials, but none are requested. The lack of declared required binaries (git, python, pip) is an omission relative to the runtime instructions.
Persistence & Privilege
always is false and the SKILL.md mandates explicit user confirmation before actions, so the skill does not request elevated or permanent platform privileges. Note: the platform default allows autonomous invocation, but the skill's instruction set explicitly requires confirmation before mutating files; this mismatch (platform can run autonomously, skill says 'wait for user') should be considered by the integrator.
What to consider before installing
Before installing or using this skill, consider: 1) Name mismatch — the skill title suggests GitHub integration but the instructions only perform local git operations; ask the author whether GitHub push/pull and credential use are intended. 2) Missing declarations — the metadata does not list required binaries (git, python, pip) or handle a missing virtualenv; verify those tools and the venv exist or request the skill be updated to create/validate them. 3) Pip installs — the skill will run pip install in the venv and therefore will download and execute third-party package code (PyPI or other indexes); only proceed with packages you trust or require a lockfile/explicit package list. 4) Confirm behavior — the SKILL.md insists on explicit user confirmation before changes; when enabling autonomous invocation for an agent, ensure the agent will not bypass that confirmation. 5) If you need GitHub remote support, ask the developer to add explicit, documented steps for pushing to remotes and to declare the GitHub credential requirements. Overall the skill appears coherent for local script/git management but has enough omissions and a misleading name that you should request clarifications/changes before trusting it with important files.

Like a lobster shell, security has layers — review code before you run it.

latestvk972ynz6jep4frc7nw8e5a2ts981c5dm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments