Openclaw Skills Github Sync
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly does what it claims, but it runs local shell sync scripts, pushes all configured repository changes to GitHub, and sources a generated shell config file in a way that deserves review.
Install only if you are comfortable running the shell scripts locally and pushing the selected skill repositories to GitHub. Before syncing, inspect scripts/config.sh, verify the private and public paths, run git status/git diff yourself, and confirm the GitHub remote is the intended private or public repository.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malformed or tampered config file could execute local commands under the user's account when the sync script runs.
The sync script executes config.sh as shell code. Because setup.sh generates that config from interactive path input, crafted path text or later config modification could run unintended shell commands when syncing.
if [ -f "$CONFIG_FILE" ]; then
    source "$CONFIG_FILE"
fi

Treat scripts/config.sh as executable code, inspect it before syncing, and avoid entering paths containing shell metacharacters. The maintainer should store config as plain data or safely escape values instead of sourcing it.
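To make the difference concrete, the following is an added example written for this review, not code from the skill: the sourcing pattern above beside a loader that reads scripts/config.sh as plain KEY=VALUE data. The key names PRIVATE_PATH and PUBLIC_PATH and the injected config line are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not the skill's own code: the sourcing pattern this finding
# describes, beside a loader that treats scripts/config.sh as data. The key
# names PRIVATE_PATH and PUBLIC_PATH are assumed for illustration.

# The pattern under review: whatever is in the file runs as shell code.
unsafe_load() {
    CONFIG_FILE=$1
    if [ -f "$CONFIG_FILE" ]; then
        # shellcheck disable=SC1090
        . "$CONFIG_FILE"
    fi
}

# Data-only loader: accept KEY=VALUE lines for known keys, and only values
# made of characters that a shell would never interpret.
safe_load() {
    CONFIG_FILE=$1
    [ -f "$CONFIG_FILE" ] || { echo "config: $CONFIG_FILE not found" >&2; return 1; }
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;            # blank lines and comments
            *=*) ;;
            *) echo "config: malformed line: $line" >&2; return 1 ;;
        esac
        key=${line%%=*}
        value=${line#*=}
        case "$value" in
            ''|*[!A-Za-z0-9_./-]*)          # empty, or outside the path allowlist
                echo "config: rejected value for $key: $value" >&2; return 1 ;;
        esac
        # Assign only allowlisted keys; no eval, so the key itself cannot inject.
        case "$key" in
            PRIVATE_PATH) PRIVATE_PATH=$value ;;
            PUBLIC_PATH)  PUBLIC_PATH=$value ;;
            *) echo "config: unknown key $key" >&2; return 1 ;;
        esac
    done < "$CONFIG_FILE"
}

# Demonstration on a constructed config whose second value carries an
# injected assignment. Returns 0 when the sourcing loader executed it and
# the data loader refused it.
demo() {
    cfg=$(mktemp) || return 1
    printf '%s\n' 'PRIVATE_PATH=/home/me/skills-private' \
                  'PUBLIC_PATH=/home/me/skills-public; INJECTED=yes' > "$cfg"
    INJECTED=
    unsafe_load "$cfg"
    sourced=$INJECTED               # "yes": the injected assignment ran
    INJECTED=
    safe_load "$cfg" 2>/dev/null && { rm -f "$cfg"; return 1; }
    rm -f "$cfg"
    [ "$sourced" = yes ] && [ -z "$INJECTED" ]
}
```

The allowlist is deliberately narrow (letters, digits, `_`, `.`, `/`, `-`): a path that needs spaces or other characters should be rejected and entered differently rather than have the loader grow quoting rules. The `|| [ -n "$line" ]` clause makes the last line count even when the file lacks a trailing newline.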
If the configured path or Git remote is wrong, the script could publish unintended files or propagate deletions to GitHub.
The script stages all changes, including deletions, commits them, and pushes to the configured GitHub remote after confirmation. This is aligned with the sync purpose but broad.
git add -A
git commit -m "Sync $(date '+%Y-%m-%d %H:%M')"
git push origin main
Run git status and git diff manually before confirming, verify the remote URL and branch, and use a private repository unless public release is intended.
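The checks recommended above, as an added example written for this review rather than code from the skill: a remote-URL check, a branch check, and a count of the deletions `git add -A` would stage, parsed from `git status --porcelain`. The expected repository name and the sample porcelain output in the usage comment are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the skill's own code) of the pre-push checks this report
# recommends, as functions a reviewer can run by hand or wire into the sync
# script before the add/commit/push sequence.

# Normalise a GitHub remote URL (https or ssh form) to owner/repo.
github_repo_from_url() {
    url=$1
    url=${url%.git}
    url=${url%/}
    case "$url" in
        https://github.com/*) printf '%s\n' "${url#https://github.com/}" ;;
        git@github.com:*)     printf '%s\n' "${url#git@github.com:}" ;;
        *) return 1 ;;
    esac
}

# Refuse to continue unless the remote points at the repository the user expects.
check_remote() {
    actual=$(github_repo_from_url "$1") || { echo "remote is not a GitHub URL: $1" >&2; return 1; }
    [ "$actual" = "$2" ] || { echo "remote is $actual, expected $2" >&2; return 1; }
}

# Count entries in `git status --porcelain` output (read from stdin) that
# `git add -A` would stage as deletions: a D in either status column.
count_deletions() {
    n=0
    while IFS= read -r line || [ -n "$line" ]; do
        xy=${line%"${line#??}"}   # first two characters: X (index) and Y (worktree)
        case "$xy" in
            *D*) n=$((n + 1)) ;;
        esac
    done
    printf '%s\n' "$n"
}

# Combined gate: remote, branch and deletions. Typical call from the repo:
#   git status --porcelain | preflight "$(git remote get-url origin)" owner/repo main "$(git branch --show-current)"
preflight() {
    remote_url=$1; expected_repo=$2; expected_branch=$3; current_branch=$4
    ok=0
    check_remote "$remote_url" "$expected_repo" || ok=1
    if [ "$current_branch" != "$expected_branch" ]; then
        echo "on branch $current_branch, expected $expected_branch" >&2; ok=1
    fi
    deletions=$(count_deletions)
    if [ "$deletions" -gt 0 ]; then
        echo "$deletions deletion(s) would be pushed; review git diff before confirming" >&2; ok=1
    fi
    return $ok
}
```

A non-zero exit from `preflight` is the point at which the sync script should stop and show `git diff` instead of asking for a yes/no confirmation.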
The skill acts through the user's GitHub account and can write to repositories that account can push to.
The setup flow checks for an authenticated GitHub CLI session, and the sync flow later uses Git credentials/remotes to push. This is expected for a GitHub sync tool.
if gh auth status &> /dev/null; then
    echo "Logged in to GitHub"
fi

Use a GitHub account or token with only the repository access needed for the skills sync, and confirm the remote repository privacy settings.
Users may install code from a repository outside the reviewed registry artifact, and that external repository could differ from the supplied files.
The documentation directs installation from an external GitHub repository, while the registry metadata lists the source as unknown and there is no install spec. This is a provenance gap, not evidence of malicious behavior.
git clone https://github.com/Hi-Jiajun/openclaw-skills-github-sync.git
Install only from a trusted source, compare the repository contents with the reviewed artifact, and prefer pinned releases or commit hashes where possible.
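One way to act on that advice, as an added example written for this review and not the skill's own code: clone at a pinned commit, confirm HEAD is that commit, and compare the checkout file by file with the reviewed artifact. The commit placeholder and the directory names in the usage comment are assumptions; the clone URL is the one the skill's documentation gives.

```shell
#!/bin/sh
# Added example (not the skill's own code): fetch the repository at a pinned
# commit, verify HEAD really is that commit, and diff the checkout against
# the reviewed artifact before installing anything from it.

# Clone, check out one specific commit, then verify HEAD matches it.
fetch_pinned() {
    url=$1; sha=$2; dest=$3
    git clone --quiet "$url" "$dest" || return 1
    git -C "$dest" checkout --quiet "$sha" || return 1
    head=$(git -C "$dest" rev-parse HEAD) || return 1
    [ "$head" = "$sha" ] || { echo "HEAD is $head, expected $sha" >&2; return 1; }
}

# Compare two trees file by file, ignoring .git metadata.
# Prints each difference; returns 0 only when the trees are identical.
compare_trees() {
    reviewed=$1; candidate=$2
    diff -rq -x .git "$reviewed" "$candidate"
}

# Example usage (assumed values):
#   fetch_pinned https://github.com/Hi-Jiajun/openclaw-skills-github-sync.git <commit-sha> ./candidate
#   compare_trees ./reviewed-artifact ./candidate && echo "matches reviewed artifact"
```

Any line that `compare_trees` prints is a file the reviewed artifact did not cover; read it with the same care as scripts/config.sh before running setup.sh.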
