ClawHub
Back to skill
v1.0.1

GitHub Knowledge Base

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 4:54 AM.

Analysis

This is a coherent GitHub search and local knowledge-base helper, but users should notice it can use GitHub credentials and store cloned repository information locally.

GuidanceThis skill appears safe for its stated purpose if you are comfortable with it using gh and maintaining a local repository catalog. Use a limited GitHub token or account, confirm the KB directory, and avoid cloning or cataloging private repositories unless you want that information stored locally.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityLowConfidenceHighStatusNote
SKILL.md
`git clone https://github.com/<owner>/<name>.git ${GITHUB_KB_PATH:-/home/node/clawd/github-kb}/<name>` ... `Update GITHUB_KB.md: Add entry for the new repo`

The documented workflow downloads repositories and modifies a local catalog. This is central to the skill's purpose and is scoped to the KB path, but it is still local file mutation and network-backed repository retrieval.

User impactA wrong repository or path could add unwanted code or entries to the local knowledge base and consume local disk space.
RecommendationConfirm the repository identity and KB directory before cloning, especially for private repositories or large codebases.
Agentic Supply Chain Vulnerabilities
SeverityInfoConfidenceHighStatusNote
metadata
Required binaries (all must exist): none ... Env var declarations: none ... Primary credential: none

The registry metadata does not advertise the gh CLI/authentication or optional environment variables that SKILL.md documents. The SKILL text itself discloses them, so this is a setup transparency note rather than hidden code behavior.

User impactInstall-time metadata may not show all prerequisites; users need to read the skill instructions to understand setup and authentication.
RecommendationBefore use, verify gh is installed from a trusted source and decide whether you want to provide GITHUB_TOKEN or a custom GITHUB_KB_PATH.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityMediumConfidenceHighStatusNote
SKILL.md
`GITHUB_TOKEN` - GitHub Personal Access Token (optional, for private repos) ... `gh auth login --with-token <(echo "$GITHUB_TOKEN")`

The skill may use a GitHub PAT or authenticated gh session to access private repositories. This is purpose-aligned, but it gives the agent access according to the token/account permissions.

User impactIf you provide a token or authenticated gh account, the skill may search, view, or clone private GitHub resources that account can access.
RecommendationUse the least-privileged GitHub account or token needed, avoid broad PAT scopes, and revoke or rotate the token when no longer needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Key file: GITHUB_KB.md at the root of the KB directory catalogs all projects with brief descriptions ... Generate project description: Read README or key files

The skill persists summaries/catalog entries derived from repository content. This is the intended KB behavior, but private or untrusted repository information may remain available for later tasks.

User impactThe local catalog may retain names, descriptions, and context about private or sensitive repositories.
RecommendationStore the KB in a location appropriate for the sensitivity of the repositories and review GITHUB_KB.md before sharing or reusing it.