Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Git Repo to Book

v1.0.0

Write a full-length technical book using multi-agent AI orchestration. Spawns parallel research, writing, and review agents to produce 60K-100K+ word manuscr...

by Chunhua Liao (@chunhualiao)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (convert a git repo or topic into a multi-chapter technical book) matches what the skill requires: reading a repository, spawning subagents, merging and polishing Markdown, and optionally converting to HTML. Required tools in skill.yml (exec, sessions_spawn, read, write, git) are consistent with the stated functionality.
Instruction Scope
SKILL.md and templates confine behavior to planning, reading repo files, spawning research/writing/review agents, merging chapters, and producing outputs. The only file/system reads referenced are project files (chapters/, book/, diagrams/) and the WORKLOG protocol; the provided scripts operate on project files and do not attempt to exfiltrate data or call external endpoints. Note: SKILL.md instructs the orchestrator to perform git pushes (publish phase) which will use whatever git credentials are present on the host—this is expected for publishing but worth awareness.
Install Mechanism
There is no install spec and the skill is instruction/code-only. The included Python scripts are small, local utilities (merging, polishing, HTML conversion, link validation). No remote downloads, URL-extraction, or archive extraction are present.
Credentials
The skill declares no required environment variables or secrets. It references model names and recommends budgets/cost-tracking but does not request API keys. The expected use of git push relies on existing git credentials on the host (not provided by the skill), which is proportionate to the 'publish' step but a potential privacy/credential action to be aware of.
Persistence & Privilege
always:false and disable-model-invocation:false (normal). The skill requires exec and sessions_spawn capabilities, which allow running shell commands and creating subagents — powerful but necessary for multi-agent orchestration. There is no attempt to modify other skills' configs or force permanent inclusion.
Assessment
This skill appears coherent and its included scripts are benign utilities for merging, polishing, converting, and validating a manuscript. Before installing or running: (1) review the repository you plan to process (don't run on repos containing secrets or private keys), (2) understand that the skill will run shell commands (exec) and spawn subagents (sessions_spawn) and may perform git commits/pushes using whatever git credentials are configured on the host, (3) set a strict budget limit in inputs to avoid unexpected API spend, (4) if you want additional safety, run the skill in an isolated workspace or inspect/execute the bundled scripts manually first, and (5) confirm you trust the models/services the orchestrator will call or provide the necessary model access controls. If you need higher assurance, request a line-by-line code review of the orchestrator logic (the SKILL.md truncates some details of the orchestration pattern).

Like a lobster shell, security has layers — review code before you run it.

latestvk97f9gbwkk7pz2pyv4kyt2ab3s822ayb
