GitHub Actions Runtime Regression Audit
Security checks across malware telemetry and agentic risk
Overview
The skill appears to do what it says: it compares GitHub Actions run exports locally. The points to watch are the optional GitHub CLI collection step and the user-chosen file globs, since those two inputs decide which data the script reads.
This looks safe for its stated purpose. Before installing, review the bundled script, keep BASELINE_GLOB and CURRENT_GLOB limited to the intended GitHub Actions export folders, and only run the optional gh command with the GitHub account and repositories you intend to audit.
VirusTotal
0 of 63 VirusTotal vendors flagged this skill as malicious.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a broad glob is used, the script may read and summarize more local JSON files than intended.
The script reads every local file matched by the user-supplied baseline and current glob patterns. That is expected when comparing exported run JSON, but nothing other than the pattern limits which files are opened: glob.glob is called with recursive=True, so a pattern containing ** descends into every subdirectory beneath its starting point.
files = sorted(glob.glob(file_glob, recursive=True)) ... with open(path, 'r', encoding='utf-8') as fh:
Use narrow globs that name only the intended GitHub Actions export directories (a fixed export folder plus *.json rather than a ** pattern rooted in a home or project directory).
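One way to make the glob scope explicit on the user's side, as an added example that is not the skill's own code: resolve every match and refuse anything that lands outside an allow-listed export directory or is not a regular .json file. The function names, the temporary directory layout and the sample JSON files below are constructed for the demonstration; Python 3.9 or newer is assumed for Path.is_relative_to.

```python
"""Added example, not the skill's bundled script: load run exports only from an
allow-listed directory so that a broad or mistyped glob cannot pull in
unrelated local JSON."""
import glob
import json
import os
import tempfile
from pathlib import Path


def load_exports(file_glob, allowed_root):
    """Return ({resolved_path: parsed_json}, [rejected_matches]).

    Every glob match is resolved (following symlinks) and must sit inside
    allowed_root and be a regular *.json file; anything else is reported in
    the rejected list instead of being read."""
    root = Path(allowed_root).resolve()
    loaded, rejected = {}, []
    for path in sorted(glob.glob(file_glob, recursive=True)):
        real = Path(path).resolve()
        if not real.is_relative_to(root) or real.suffix != ".json" or not real.is_file():
            rejected.append(path)
            continue
        with open(real, "r", encoding="utf-8") as fh:
            loaded[str(real)] = json.load(fh)
    return loaded, rejected


def demo():
    """Constructed layout: <tmp>/exports/ holds two run exports, and a
    credentials-looking JSON file sits one level up. A '**' glob rooted at
    <tmp> matches all three files; the loader keeps only the two under
    exports/ and reports the third as rejected."""
    base = tempfile.mkdtemp()
    exports = Path(base, "exports")
    exports.mkdir()
    for name, run_id in (("run-1.json", 1), ("run-2.json", 2)):
        (exports / name).write_text(json.dumps({"databaseId": run_id, "jobs": []}))
    Path(base, "config.json").write_text(json.dumps({"token": "constructed-value"}))

    narrow = str(exports / "*.json")                 # the intended scope
    broad = os.path.join(base, "**", "*.json")       # an over-broad pattern
    narrow_loaded, narrow_rejected = load_exports(narrow, exports)
    broad_loaded, broad_rejected = load_exports(broad, exports)
    return {
        "narrow_count": len(narrow_loaded),
        "narrow_rejected": len(narrow_rejected),
        "broad_count": len(broad_loaded),
        "broad_rejected": len(broad_rejected),
    }


if __name__ == "__main__":
    print(demo())
```

Resolving before the containment check matters: a symlink inside the export folder that points elsewhere is judged by its target, not its name, so it cannot be used to widen the read scope.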
Running the collection command can access GitHub repository workflow-run data available to the configured GitHub CLI account.
The optional collection example uses the GitHub CLI, which authenticates with the user's stored gh credentials (or a GH_TOKEN environment variable, if one is set) and can therefore reach any repository that account can see. The command itself is user-directed and scoped to specific run IDs and the listed output fields.
gh run view <run-id> --json databaseId,workflowName,headBranch,headSha,url,repository,jobs \
Run the GitHub CLI collection step only for intended repositories and run IDs, and verify the active GitHub account has appropriate scope; gh auth status shows which account and host the CLI is using before anything is fetched.
Users have less external provenance information for deciding whether to trust the bundled script.
The registry metadata does not provide upstream provenance. Because the skill is bundled and has no install spec, nothing extra is fetched at install time, so the gap is not suspicious by itself; it does mean the script can only be judged by reading it, which reduces transparency.
Source: unknown; Homepage: none
Review the bundled script and install from a trusted registry or publisher before using it in CI workflows.
