v1.1.0

Release Tracker

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 6:02 AM.

Analysis

This looks like a coherent release-monitoring skill, but it can use your GitHub login, run on a schedule, and post summaries to configured chat channels.

Guidance: Before installing, confirm you want a scheduled release tracker, use the least-privileged GitHub authentication suitable for the repos being monitored, test output before enabling chat delivery, and make sure you know how to disable the cron job.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low; Confidence: High; Status: Note
SKILL.md
Based on `outputFormat`: `discord-forum`: `message(action=thread-create, channelId=<outputChannel>...)`; `discord-channel`: `message(action=send...)`; `telegram`; `slack`

The skill can cause the agent to create forum posts or send messages to external chat channels. This is clearly disclosed and central to the release-tracking purpose.

User impact: If configured with a shared or public channel, the agent may post release summaries there automatically.
Recommendation: Verify `outputChannel` and `outputFormat`, test with `text` or a private channel first, and enable chat delivery only for intended destinations.

Agentic Supply Chain Vulnerabilities
Severity: Info; Confidence: Medium; Status: Note
metadata
Required binaries (all must exist): none; Required env vars: none; Primary credential: none

The registry metadata does not declare the GitHub CLI/auth dependency that is stated in the skill instructions and checked by the setup script. This is an install-contract completeness issue, not evidence of hidden behavior.

User impact: A user may not realize before setup that the skill depends on a locally authenticated `gh` CLI.
Recommendation: Declare the `gh` binary and GitHub authentication expectation in metadata, and review the included setup script before running it.

Rogue Agents
Severity: Low; Confidence: High; Status: Note
SKILL.md
Create the cron job for automated checking: Name: release-tracker; Schedule: {config.schedule}; Session: isolated; Payload: agentTurn with message referencing this skill; Delivery: none (skill handles its own delivery)

The skill explicitly sets up recurring agent-driven checks. This persistence is disclosed and aligned with release monitoring, but it will continue until the cron job is changed or removed.

User impact: After setup, the tracker can continue running on schedule and may post new release summaries without asking each time.
Recommendation: Choose a conservative schedule, keep a record of the cron job, and remove or disable it when release monitoring is no longer desired.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
SKILL.md
- `gh` CLI installed and authenticated (`gh auth status`)

The workflow relies on the user's authenticated GitHub CLI context. That is expected for GitHub release tracking, and no artifact shows credential leakage or unrelated account use.

User impact: The skill may query release information for repositories accessible to the authenticated GitHub account.
Recommendation: Use an appropriate GitHub account or token scope, and only configure repositories you intend the tracker to access.