Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pylinter Assist

v0.6.3

Provides context-aware Python linting with pattern-based heuristics for reviewing GitHub pull requests.

by Clay Graham (@claytantor)

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

- VirusTotal: Suspicious
- OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (context-aware Python linting for PRs) matches the included code: CLI, linter orchestration (pylint plus pattern checks), GitHub Actions monitoring, and notification hooks. Network access to GitHub and to optional notification services (Telegram/Discord) is required for the advertised features and is present in the code. There are minor metadata mismatches (the package `__version__` is 0.1.0 while the registry lists 0.6.3, and SKILL.md references the GitHub repo 'claytantor/pylinter-assist' while the registry source is listed as unknown); these are likely bookkeeping issues, not functional misalignment.
Instruction Scope
SKILL.md focuses on creating a venv, installing the package locally (`pip install -e .`), and adding a reviewed GitHub workflow, all within the stated purpose. It explicitly warns about GitHub Actions and secrets, and does not instruct the agent to read unrelated system files. CLI options and monitor callbacks accept tokens (GITHUB_TOKEN, TELEGRAM_BOT_TOKEN, etc.), which are necessary to post comments, trigger workflows, or send notifications; the docs warn against exposing tokens on the command line.
Install Mechanism
There is no automatic remote install script; installation is manual via pip in a venv (`pip install -e .`), with the ClawHub npm CLI optionally used to install the skill snapshot. SKILL.md explicitly discourages `curl | sh` and recommends cloning and pinning workflow files. No suspicious remote downloads or archive extraction are specified.
Credentials
The skill does not declare required environment variables but reasonably uses common tokens when needed: GITHUB_TOKEN for GitHub API calls and PR comments, and optional bot/webhook tokens for notifications. Those credentials are proportional to posting comments, triggering workflows, and sending notifications. The documentation warns against exposing tokens on the command line and recommends pinning workflow files, which is appropriate.
Persistence & Privilege
`always` is false and the skill is user-invocable; it does not request permanent system-wide privileges or modify other skills. It installs locally into a venv and operates on repository files/workflows when explicitly instructed by the user.
Assessment
This skill appears to do what it says: lint PRs, run pattern checks, post comments, and optionally monitor GitHub Actions and send notifications. Before installing:

- Review and pin the exact `.github/workflows/lint-pr.yml` you add to your repo; workflows run with repo permissions and can read secrets. Do not copy from an unfrozen branch without inspection.
- Use a dedicated GITHUB_TOKEN with the minimal scopes required (avoid using a broad personal token). Avoid passing tokens on the command line; prefer environment variables.
- Install and run inside a Python virtual environment (the docs recommend venv/pyenv).
- If you enable notifications, provide bot/webhook tokens via environment/config (not via visible CLI args) to avoid exposure in process listings or logs.
- The package appears to be source-distributed and contains code for network calls and subprocesses (pylint/git). Test in an isolated environment (or a non-production repo) first.
- Small inconsistencies (version mismatch, repository owner metadata) look like bookkeeping issues; if provenance matters to you, verify the upstream repository and commit SHA before using the workflow in production.


Snapshot: latest (vk97e8wxtrbaw6m1r5087bp20yx83w9f3)
