GitHub Automation
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill matches its GitHub automation purpose, but it asks for a powerful GitHub token and the included script disables TLS certificate verification when sending that token.
Install only if you are comfortable reviewing and fixing the script. Before use, restore normal TLS certificate verification and use a fine-grained GitHub token scoped to only the repositories and actions you intend to automate.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A network attacker or malicious proxy could intercept the GitHub token or tamper with API responses and actions.
The script disables hostname and certificate verification while sending the GitHub authorization token, so it cannot reliably verify that it is communicating with the real GitHub API.
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
...
'Authorization': f'token {token}',
Do not use this script until TLS verification is restored; remove the CERT_NONE/check_hostname changes and rely on the default trusted certificate validation.
If the token is broad, the skill may be able to access private repository information and create or change GitHub content wherever the token allows.
The skill asks users to provide a GitHub token with broad repository and account-related permissions, without bounding it to specific repositories or least-privilege operations.
Uses GITHUB_TOKEN environment variable. ...
- `repo` - Repository access
- `issues` - Issue management
- `pull_requests` - PR access
- `notifications` - Read notifications
Use a fine-grained GitHub token limited to only the intended repositories and permissions, and declare the credential requirement clearly in metadata.
The agent could create visible GitHub issues if invoked with the user's token and repository details.
The tool can create GitHub issues through a POST request. This is purpose-aligned and user-directed, but it is still a state-changing action on a third-party account.
endpoint = f"/repos/{owner}/{repo}/issues"
...
return api_request(endpoint, token, 'POST', data)
Review repository, title, body, and labels before allowing issue-creation commands, especially on public or organization-owned repositories.
