Skill v1.0.0
ClawScan security
GitHub CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 20, 2026, 5:11 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions align with its stated purpose (using the GitHub CLI); nothing requested appears disproportionate or unrelated.
- Guidance: This skill is coherent and appears to do what it says: run gh commands for GitHub tasks. Before installing: ensure you trust the skill source (it is instruction-only and comes from an unknown homepage), install gh from a trusted package source (brew/apt), and verify your gh authentication (run gh auth status). Be aware that if the agent is allowed to invoke the skill autonomously it can run gh commands using whatever GitHub credentials/tokens are configured on your machine; review token scopes and revoke or re-authenticate if you have concerns. Also note the small metadata mismatch (brew vs brew+apt) and confirm your preferred install path.
- Findings: [no_code_files_to_scan] expected: The regex scanner had no code files to analyze because this is an instruction-only skill (SKILL.md). That is expected for a CLI usage guide.
Review Dimensions
- Purpose & Capability (ok): Name and description match the declared dependency on the gh CLI and the provided commands. The skill is instruction-only and all commands in SKILL.md are consistent with normal GitHub CLI usage (issues, PRs, runs, api queries).
- Instruction Scope (note): Instructions tell the agent to run gh commands and to run gh auth login/status; they do not instruct reading unrelated system files or exporting data to third-party endpoints. Note: when the agent runs gh it will use whatever GitHub auth/config exists on the host (e.g., gh's config files and stored tokens), which is expected behavior for a CLI-based GitHub integration.
- Install Mechanism (note): Install targets are standard package managers (brew and apt), which are low-risk. Minor inconsistency: the registry-level install spec lists only a brew formula, whereas the SKILL.md metadata includes both brew and apt entries. No arbitrary downloads or archive extraction are present.
- Credentials (note): The skill declares no required environment variables or credentials, which fits its use of the gh CLI. However, using the gh CLI implicitly involves GitHub credentials managed by gh (local config/tokens); the skill does not request unrelated secrets or service keys.
- Persistence & Privilege (ok): The always setting is false and the skill is user-invocable; autonomous invocation is allowed (platform default) and appropriate for this kind of CLI skill. The skill does not request elevated persistence or modify other skills or system-wide settings.
