Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GitHub Personal Repo Publisher

v1.0.0

Create a repository under your own GitHub account, wire a local project repo to it, and push committed history safely. Create a repository under your own GitHub account, connect the local project repo to it, and safely push the committed...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The skill's stated purpose (create a repo and push via SSH + a 1Password-stored PAT) is coherent with the runtime instructions, but the registry metadata declares no required binaries or credentials while SKILL.md explicitly assumes git, ssh, curl, network access, and the 1Password CLI. Also README/SKILL.md include concrete defaults (owner 'grey0758', SSH alias 'github-grey0758', a specific 1Password item path) which are specific to one account and inappropriate as global defaults.
Instruction Scope (flagged)
SKILL.md instructs the agent to read local repo files, verify SSH (ssh -T), and read a PAT from 1Password (op read) then call the GitHub API via curl. Those actions are expected for this purpose, but the instructions reference a specific 1Password path and SSH host alias (which could fail or be misapplied) and they instruct reading a secret from 1Password — ensure the skill will only read a PAT you intend to use and will not copy or leak it (the SKILL.md does state 'do not reveal PAT values').
Install Mechanism
Instruction-only skill with no install spec or code files — low file-write/install risk. All runtime behavior comes from the SKILL.md commands the agent will run.
Credentials (flagged)
The skill needs a GitHub PAT to call the REST API when 'gh' is unavailable, which is proportionate. However the manifest lists no required credentials/primaryEnv while SKILL.md uses an explicit 1Password item path ('op://OpenClaw/GitHub Fine-Grained PAT - Repo Admin - grey0758/credential'). The hardcoded item and owner name point to a specific account and should be removed or made configurable. Also confirm the PAT scope is minimal for the task (repo creation) and not broader than necessary.
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills, and 'agents/openai.yaml' sets allow_implicit_invocation:false. It has no persistent installation actions in its manifest. Normal autonomous invocation concerns are not compounded here.
What to consider before installing
Before installing or using this skill:
(1) Confirm you have git, ssh, curl, network access, and the 1Password CLI available on the agent environment — the manifest does not declare these but SKILL.md requires them.
(2) Replace or remove the hardcoded defaults (owner 'grey0758', SSH host alias 'github-grey0758', and the 1Password item path) with values that match your account; do not use someone else's defaults.
(3) Verify the 1Password item and PAT scope: the PAT should have only the minimal scopes needed (repo creation/administration as required) and you should never allow the skill to print or store the raw token.
(4) Test the workflow on a disposable repo or with a dry run before running against important repositories.
(5) If you want stronger guarantees, ask the author to update the package metadata to declare required binaries and to make the credential/SSH alias configurable rather than hardcoded.
If you cannot verify these changes, treat the skill with caution.


Tags: git, github, latest, publish, repository
