Repo Analyzer

Review

Audited by ClawScan on Feb 25, 2026.

Overview

The skill largely does what it claims (GitHub repo analysis) but contains several incoherences and risky instructions — notably it implicitly requires a GITHUB_TOKEN while declaring no env requirements, instructs reading ~/.bashrc to extract credentials, and runs shell commands (bird/gh) that would receive the agent's environment — so treat it with caution.

This skill implements a plausible GitHub repo analyzer, but there are notable red flags you should consider before installing or running it:

- Credential handling: The skill expects a GITHUB_TOKEN but the registry metadata does not declare it; SKILL.md even tells you to source ~/.bashrc or grep it out of that file. Do NOT store or extract long-lived tokens from shell rc files for third-party tools. Prefer providing a token via the --token flag or a short-lived token with minimal scopes.
- Local file access: The documentation instructs reading ~/.bashrc; that is a direct local file read that could expose other secrets if you follow the provided commands. Avoid running those exact source/grep commands unless you understand what they will reveal.
- Child process execution: The code executes external CLIs (bird, gh) using child_process.execSync and forwards environment variables. If you run the skill and those CLIs are present (or replaced by malicious binaries), your environment (including tokens) could be exposed. Only run in an isolated environment or confirm the CLIs are trustworthy.
- Auto-triggering on pasted tweets: The skill will attempt to fetch tweet content automatically and include it in reports. If you paste a private or sensitive URL, the skill may fetch and include that text in outputs.
- Mitigations: Inspect the full analyze.js file locally, run the tool in an isolated container/VM, use a minimal-scope GitHub PAT (or a read-only token), avoid storing tokens in ~/.bashrc, and do not allow the skill to auto-run on arbitrary pasted content. If you need higher assurance, ask the author for clearer metadata (declare the GITHUB_TOKEN requirement) and for an option to disable invoking external CLIs or auto-triggering on tweets.