Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
TodoWrite Router
v0.1.0
Route TODO checklists to the right storage. session - in-session tracking via /wip, file - persistent TODO (fix_plan.md, TODO.md), issue - team-shared via Gi...
by es6kr@drumrobot
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
Name, description, and routing behavior in SKILL.md are consistent: the skill routes TODOs to session (/wip), local files (fix_plan.md, TODO.md), or GitHub Issues as described. The declared depends-on: [wip] matches the session routing.
Instruction Scope
SKILL.md instructs the agent to write/edit local markdown files and to run `gh issue create`/`gh issue list` for team-shared TODOs. It explicitly states that issue creation only runs with user approval. However, SKILL.md references the `gh` CLI while the skill metadata declares no required binaries. This instruction/metadata mismatch means the agent may attempt `gh` calls that fail, or that prompt for credentials, whenever `gh` is absent or not authenticated.
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes disk/write risk because nothing is downloaded or installed by the skill itself.
Credentials
The skill declares no required environment variables or credentials, but GitHub issue creation via the `gh` CLI normally requires authentication (a `gh auth login` session or a `GH_TOKEN`/`GITHUB_TOKEN` environment variable). The absence of declared credentials is not necessarily malicious, but it is an omission the user should be aware of before expecting issue creation to work.
Persistence & Privilege
The skill does not request always-on presence and uses standard user-invocable/autonomous invocation defaults. It does not request system-level configuration changes or persistent installation artifacts.
Scan Findings in Context
[no-findings] expected: The static regex scanner found no code to analyze. This is expected for an instruction-only skill; the natural-language instructions in SKILL.md are the primary security surface, and they are not covered by a code scanner.
What to consider before installing
1) Confirm the `wip` skill the document depends on is present and trusted; this skill delegates session tracking to it.
2) Ensure the GitHub CLI (`gh`) is installed and authenticated if you want issue creation to work; otherwise the skill will fail or prompt for credentials.
3) Understand where files (fix_plan.md, TODO.md) will be written and who can access them; back up or sandbox if needed.
4) Note the SKILL.md says it will only run `gh issue create` with explicit user approval; verify that your agent's invocation settings and prompts align with that expectation.
5) If you require stronger assurances, ask the skill author to declare required binaries and authentication steps (or provide an install spec) so you can audit behavior ahead of time.
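As an added example (not code from the skill, its author, or ClawHub), the following Python check automates points 2, 4 and 5 of the list above against the instruction surface the regex scanner does not cover. It reads the SKILL.md frontmatter, collects the binaries that the instructions invoke inside code spans, reports any the manifest does not declare, separates state-changing `gh issue` subcommands from read-only ones, lists the markdown files named as write targets, and checks that the body mentions user approval. The sample SKILL.md is constructed to match the scan's description, and the `binaries` frontmatter key is an assumption about the manifest format; the page only shows `depends-on: [wip]`.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample SKILL.md, written to match the scan's description of the
# TodoWrite Router skill. It is an illustration, not the skill's real file.
SAMPLE_SKILL_MD = """---
name: todowrite-router
version: 0.1.0
depends-on: [wip]
---
# TodoWrite Router

Route TODO checklists to the right storage.

- session: in-session tracking via `/wip`
- file: persistent TODO in `fix_plan.md` or `TODO.md`
- issue: team-shared via GitHub Issues using `gh issue list` and `gh issue create`

Issue creation only runs with explicit user approval.
"""

# Frontmatter key under which a manifest would declare required binaries.
# Assumed name: the page shows `depends-on` but no binaries field at all.
BINARIES_KEY = "binaries"

CODE_SPAN = re.compile(r"`([^`\n]+)`")
# `gh issue` subcommands that change remote state; `list` is read-only.
MUTATING_VERBS = {"create", "edit", "close", "delete", "comment"}
APPROVAL_WORDS = re.compile(r"\b(approv|confirm)\w*", re.IGNORECASE)


def split_frontmatter(text: str) -> Tuple[Dict[str, List[str]], str]:
    """Split a SKILL.md into a flat frontmatter dict and the markdown body.

    Only `key: value` and `key: [a, b]` lines are understood; that is enough
    for the fields this check needs and avoids a YAML dependency.
    """
    lines = text.splitlines()
    if not lines or lines[0].strip() != "---":
        return {}, text
    meta: Dict[str, List[str]] = {}
    for i, line in enumerate(lines[1:], start=1):
        if line.strip() == "---":
            return meta, "\n".join(lines[i + 1:])
        key, _, value = line.partition(":")
        value = value.strip()
        if value.startswith("[") and value.endswith("]"):
            items = [v.strip() for v in value[1:-1].split(",") if v.strip()]
        else:
            items = [value] if value else []
        meta[key.strip()] = items
    return meta, ""  # unterminated frontmatter: nothing left to treat as body


def audit_skill(text: str) -> Dict[str, object]:
    """Compare what the instructions invoke with what the manifest declares."""
    meta, body = split_frontmatter(text)
    declared = set(meta.get(BINARIES_KEY, []))
    invoked: set = set()
    mutating: set = set()
    write_targets: set = set()
    for span in CODE_SPAN.findall(body):
        tokens = span.split()
        if not tokens:
            continue
        head = tokens[0]
        if head.startswith("/"):
            continue  # slash command: covered by depends-on, not a binary
        if re.search(r"\.\w+$", head):
            write_targets.add(head)  # a file the instructions say it writes
            continue
        if not re.fullmatch(r"[a-z][a-z0-9_-]*", head):
            continue  # not shaped like a command name
        invoked.add(head)
        if len(tokens) >= 3 and tokens[2] in MUTATING_VERBS:
            mutating.add(" ".join(tokens[:3]))
    return {
        "depends_on": meta.get("depends-on", []),
        "undeclared_binaries": sorted(invoked - declared),
        "mutating_commands": sorted(mutating),
        "write_targets": sorted(write_targets),
        "approval_gated": bool(APPROVAL_WORDS.search(body)),
    }


if __name__ == "__main__":
    for key, value in audit_skill(SAMPLE_SKILL_MD).items():
        print(f"{key}: {value}")
```

Run against the constructed manifest, the check reports `gh` as invoked but undeclared, `gh issue create` as the only state-changing command, `fix_plan.md` and `TODO.md` as write targets, and an approval gate present in the text. Adding `binaries: [gh]` to the frontmatter clears the undeclared-binary finding, which is what point 5 asks the author for; the approval check is deliberately a presence test only, since whether the agent actually honours the gate depends on its invocation settings (point 4), not on the wording.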
