CI/CD Pipeline
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: cicd-pipeline Version: 1.0.0 The skill bundle provides comprehensive documentation and code examples for managing CI/CD pipelines with GitHub Actions. All presented commands and YAML snippets are standard for this purpose, utilizing common GitHub Actions and the `gh` CLI. There is no evidence of prompt injection against the agent, data exfiltration, malicious execution, persistence mechanisms, or obfuscation. Examples involving sensitive data like SSH keys or secrets are presented as user-facing instructions or workflow configurations, not as commands for the agent to execute against the user's environment.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A generated workflow could publish releases or otherwise modify repository state when matching tags or events occur.
The skill includes workflow templates that can create GitHub releases and require repository write permissions. This is coherent with CI/CD release automation, but it is a high-impact capability if applied without review.
### Deploy to production on tag ... permissions:
contents: write ... - uses: softprops/action-gh-release@v2Review workflow triggers and permissions before committing. Use least-privilege permissions, protected branches/tags, environment approvals, and manual gates for production or release workflows.
If a workflow or referenced action is misconfigured or compromised, repository secrets or token permissions could be used to deploy, publish, or access protected resources.
The workflow examples use GitHub Actions secrets and the GitHub token for deployment and package publishing. This is expected for CI/CD, but it gives workflows delegated authority.
DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }} ... password: ${{ secrets.GITHUB_TOKEN }}Store only necessary secrets, scope tokens narrowly, prefer environment-scoped secrets and OIDC where possible, and avoid exposing secrets to untrusted pull-request contexts.
A changed or compromised third-party action could run code in CI with the workflow's available permissions and secrets.
The templates reference third-party GitHub Actions by tags rather than immutable commit SHAs. This is common in CI/CD examples, but those actions execute in the workflow environment.
- uses: dtolnay/rust-toolchain@stable
- uses: Swatinem/rust-cache@v2 ... - uses: softprops/action-gh-release@v2Prefer trusted actions, review their permissions and maintainers, pin security-sensitive workflows to commit SHAs, and use dependency update tooling to manage action versions.