xfire Security PR Review

v0.1.2

Multi-agent adversarial security review — 3 AI agents debate every finding, only real vulnerabilities survive

by Harish Kolla (@har1sh-k)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill claims to run adversarial reviews across Claude, Codex, and Gemini and to analyze GitHub PRs — requesting Anthropic, OpenAI, Google API keys and a GitHub token is coherent with that stated purpose. The XFIRE_* env vars for config/cache/auth are consistent with a CLI tool that persists state.
Instruction Scope
SKILL.md instructs use of a CLI ('xfire analyze-pr', 'xfire init', 'xfire auth login') and to read repository contents, create debug traces, and optionally post GitHub comments — these are within the expected scope. However, the skill metadata declares no required binaries and provides no automated install spec while the instructions assume you can 'pip install xfire' or have an 'xfire' CLI available; that mismatch is an operational/incoherence concern (agent/runtime must have that CLI or the user must install it).
Install Mechanism
There is no install spec in the skill bundle (instruction-only), which limits automated risk. The README/skill instructs users to 'pip install xfire' — installing a third-party package from PyPI is a normal step but has moderate risk and should be verified (check PyPI package name, version, and upstream repo). Because installation is user-driven and not performed automatically by the skill, the surface for silent remote code execution from the skill bundle itself is low.
Credentials
The skill requires multiple high-sensitivity credentials: ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, and GITHUB_TOKEN. Requiring all three LLM provider keys as mandatory is potentially excessive — a user might want to run only one or two agents. XFIRE_CONFIG_PATH/XFIRE_AUTH_PATH/XFIRE_CACHE_DIR are plausible for a CLI, but XFIRE_AUTH_PATH may contain long-lived credentials. The demand for full sets of provider keys and a GitHub token should be justified or made optional; also consider least-privilege scopes (e.g., read-only GitHub token if posting comments isn't needed).
Persistence & Privilege
The skill is not set to always:true and does not declare modifications to other skills or system-wide settings. Runtime instructions include writing debug traces and cache/config files under XFIRE paths or the repo (expected for a CLI tool). No unusual persistence or privilege escalation is requested by the skill metadata or SKILL.md.
What to consider before installing
Before installing or running this skill:
1) Be comfortable providing multiple LLM API keys and a GitHub token; if you only want one agent, confirm whether unused keys can be omitted.
2) Use least-privilege credentials: restrict the GitHub token scope (e.g., repo:status/read or read-only) unless you intend to allow posting comments.
3) Verify the 'xfire' package on PyPI and its GitHub repo (review code, releases, and maintainers) before pip installing.
4) Run initial scans with dry-run and --debug in an isolated environment (or CI runner) and inspect any files written to XFIRE_CONFIG_PATH/XFIRE_AUTH_PATH.
5) If you need higher assurance, ask the publisher to make installing optional or to support running with a single provider key and to document exact token scopes and where auth is stored.
These steps reduce risk from installation and credential exposure.

Like a lobster shell, security has layers — review code before you run it.

Tags: ai, ci-cd, code-review, devsecops, latest, multi-agent, sarif, security, vulnerability


Runtime requirements

🔥 Clawdis
Env: ANTHROPIC_API_KEY, OPENAI_API_KEY, GOOGLE_API_KEY, GITHUB_TOKEN, XFIRE_CONFIG_PATH, XFIRE_CACHE_DIR, XFIRE_AUTH_PATH
Primary env: ANTHROPIC_API_KEY
