Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OSS Contributor

v1.0.0

Discover and resolve open source GitHub issues across community repos during idle time. Finds good-first-issue/help-wanted/documentation issues, forks repos,...

0 · 350 · 0 current · 0 all-time
by Kevin Bolander (@kbo4sho)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description (discover, triage and fix GitHub issues, then open PRs) match the instructions: the SKILL.md uses the GitHub REST API and a fork/branch/PR workflow, and requires curl and git. Requesting GH_TOKEN as the primary credential is expected for a skill that acts on the user's behalf.
Instruction Scope
The runtime instructions read and write local state ($HOME/clawd/oss-contributor.json, $HOME/clawd/memory/oss-activity.json, $HOME/clawd/memory/oss-history.json) and act on GitHub (create forks and PRs). Those actions are within the declared purpose, but the SKILL.md uses `jq` in its examples (for instance, to parse the /user response) without listing jq as a required binary. The skill also exposes a --notify-channel flag (Telegram) without declaring any environment variable for a Telegram bot token, so it carries an undeclared external-sending capability. Both mismatches need clarification.
Install Mechanism
Instruction-only skill with no install spec and no code files: lowest installation risk. It doesn't download or write installer artifacts beyond using existing binaries and workspace files.
Credentials
Only GH_TOKEN is declared as the primary credential, which is appropriate for GitHub operations, but the SKILL.md will need a token able to fork, create branches, push commits, and open PRs. The skill does not document the minimum token scopes needed to limit risk. For a classic personal access token, public_repo is enough to fork, push to the fork and open PRs against public repositories; the broader repo scope additionally grants access to the user's private repositories, and workflow is needed only if a PR modifies files under .github/workflows/. Additionally, the potential Telegram notification feature implies a missing credential (a bot token) that is not declared; this is an unexplained request for external network communication capability.
Persistence & Privilege
always:false and user-invocable:true (normal). The skill stores activity/history under $HOME/clawd which is within the user's workspace; it does not request always-on privilege or modify other skills. Autonomous invocation is enabled by default (disable-model-invocation:false), which is normal for skills but means the skill could act without interactive approval if --auto/--yes flags are used.
What to consider before installing

This skill mostly does what it says, but pause before installing.

1) Provide a GH_TOKEN with only the scopes needed to fork and open PRs. Do not hand over a broad personal access token unless you understand its scopes, and consider creating a dedicated token for this skill.
2) The SKILL.md uses jq, but jq is not declared as required. Install jq or have the skill updated; otherwise the skill may fail.
3) The --notify-channel option implies sending messages (Telegram), but no bot token or webhook env var is declared. Ask the author how notifications are authenticated and which env vars are needed.
4) Review, and be comfortable with, the skill reading and writing files under $HOME/clawd/*. Use --dry-run and a low --limit first, and consider running with a test GitHub account or a token scoped to public repositories only.
5) If you need higher confidence, ask the publisher for (a) an explicit list of required binaries, (b) the minimal GH_TOKEN scopes, and (c) details of the external notification configuration (which env vars or webhooks it uses).
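As an added example written for this review (not code from the skill or from ClawHub), the script below turns items 1 to 3 into checks you can run before giving the skill a token. It assumes a classic personal access token, whose scopes GitHub reports in the X-OAuth-Scopes response header of GET /user (fine-grained tokens omit that header); it treats public_repo plus workflow as the allowed scope policy, which is a choice made here and not something the skill documents; in live mode it expects GH_TOKEN in the environment. The function names and the sample header text used in testing are this example's own.

```shell
#!/bin/sh
# Pre-install checks for the OSS Contributor skill (example code for this
# review, not the skill's own). It answers three of the scan's concerns:
#   - are curl, git and the undeclared jq actually installed?
#   - does GH_TOKEN carry more classic-PAT scopes than forking and opening
#     PRs on public repositories needs?
#   - is a Telegram credential already in the environment that an
#     undeclared --notify-channel could pick up?
# Assumptions: classic PAT (scopes appear in the X-OAuth-Scopes header of
# GET /user; fine-grained tokens omit it) and an allowed scope set that is a
# policy choice for this example.

# Declared binaries plus jq, which SKILL.md uses without declaring it.
REQUIRED_BINS="curl git jq"
# public_repo is enough to fork, push to the fork and open PRs on public
# repos; workflow is only needed if a PR edits files under .github/workflows/.
ALLOWED_SCOPES="public_repo,workflow"

# Print the required binaries that are not on PATH; return 1 if any is missing.
missing_bins() {
  _missing=""
  for b in $REQUIRED_BINS; do
    command -v "$b" >/dev/null 2>&1 || _missing="$_missing $b"
  done
  printf '%s\n' "${_missing# }"
  [ -z "$_missing" ]
}

# Extract the comma-separated scope list from a block of GET /user response
# headers (as printed by `curl -sI`). Prints nothing for fine-grained tokens.
token_scopes() {
  printf '%s\n' "$1" | tr -d '\r' \
    | awk -F': ' 'tolower($1) == "x-oauth-scopes" { print $2 }' | tr -d ' '
}

# Print the token's scopes that fall outside ALLOWED_SCOPES, space separated.
excess_scopes() {
  _allowed=",$ALLOWED_SCOPES,"
  _out=""
  for s in $(token_scopes "$1" | tr ',' ' '); do
    case "$_allowed" in
      *",$s,"*) ;;             # within policy
      *) _out="$_out $s" ;;    # broader than the skill needs
    esac
  done
  printf '%s\n' "${_out# }"
}

# Print environment variable names that look like Telegram credentials.
telegram_env_vars() {
  env | awk -F= '$1 ~ /TELEGRAM/ { print $1 }'
}

# Live mode: fetch the real headers using the token from the environment.
if [ "${1:-}" = "--live" ]; then
  if ! m=$(missing_bins); then
    echo "missing binaries: $m"; exit 1
  fi
  : "${GH_TOKEN:?set GH_TOKEN to the token you intend to give the skill}"
  hdrs=$(curl -sI -H "Authorization: token $GH_TOKEN" https://api.github.com/user)
  echo "token scopes: $(token_scopes "$hdrs")"
  x=$(excess_scopes "$hdrs")
  [ -z "$x" ] || echo "WARNING: scopes beyond what forking/PRs need: $x"
  t=$(telegram_env_vars)
  [ -z "$t" ] || echo "NOTE: Telegram credentials visible to the skill: $t"
fi
```

Run it as `sh preinstall-check.sh --live` with GH_TOKEN set to the token you plan to give the skill; anything reported as an excess scope (repo, delete_repo, admin:org and the like) is a reason to mint a narrower, dedicated token first. Without --live the script only defines the functions, so it can be sourced and exercised against captured header text.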

Like a lobster shell, security has layers — review code before you run it.

latest: vk978qck95287fb683pjf9p4twn81zb5d


Runtime requirements

Bins: curl, git
Primary env: GH_TOKEN
