Issue Prioritizer
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill appears to be for legitimate GitHub issue triage, but it grants broader authenticated GitHub command access than its read-only purpose requires.
Before installing, confirm you are comfortable letting the skill use your authenticated GitHub CLI session. Prefer a read-only or fine-grained GitHub token, avoid using it on highly sensitive private/security issues, and ask the publisher to narrow the allowed gh commands to read-only list/view operations.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent is confused or influenced by bad input, it may have access to mutation-capable GitHub commands under the user's account, despite the read-only expectation.
The allowed tools include broad GitHub issue, PR, and raw API command prefixes, while the skill describes itself as read-only and only needs issue/PR listing for its documented workflow.
| Bash(gh issue*), Bash(gh pr*), Bash(gh api*), Read, Glob, Grep, Task | Analyze GitHub issues with parallel Sonnet agents |
Restrict the command allowlist to exact read-only operations such as gh issue list/view and gh pr list/view, or require explicit user approval for any write-capable gh api, gh issue, or gh pr command.
A GitHub CLI token with write or admin scopes could give the skill more authority than is needed for issue prioritization.
The skill uses the user's local GitHub authentication; combined with broad gh command permissions, the effective privileges depend on whatever scopes the user's gh token already has.
- `gh` CLI authenticated (`gh auth login`)
Use a fine-grained or read-only GitHub credential where possible, declare the credential requirement clearly, and narrow allowed commands so the skill cannot use write-capable GitHub operations.
A malicious issue description could try to influence the analysis or scoring, especially if paired with broad tool access.
The skill embeds GitHub issue bodies, which are user-generated external content, into subagent prompts without an explicit instruction to ignore commands or instructions inside those issue bodies.
ISSUES TO ANALYZE (JSON): {paste the JSON array for this batch - truncate issue bodies longer than 2000 chars}Add a clear instruction that issue titles, bodies, labels, and comments are untrusted data to analyze, not instructions to follow.
Private repository issues or security-sensitive bug reports may be processed by several model workers during one invocation.
The skill intentionally distributes fetched issue data to multiple subagents for parallel analysis; this is disclosed and purpose-aligned, but it expands where private issue content is processed.
Spawn up to 7 Sonnet agents in parallel using the Task tool
Use the skill only on repositories and issues you are comfortable sending to the model/subagents, and keep limits modest for private or sensitive repositories.