Skill v1.0.1

ClawScan security

AtomGit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 1, 2026, 1:15 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only AtomGit MCP helper that consistently requires only an AtomGit personal token and assumes an operator-installed MCP server — the requested artifacts and runtime instructions match the described purpose.
Guidance
This skill is instruction-only and appears internally consistent: it only needs an AtomGit personal access token (ATOMGIT_TOKEN) and expects an AtomGit MCP server to be installed and verified outside the task runtime. Before installing or using it, verify the upstream MCP server package/source (the README points to atomgit.com and an npm package) and ensure you store ATOMGIT_TOKEN in a secure client-side secret store (do not paste it into chat). If you operate in an environment that also uses GitHub/GitLab, confirm the user explicitly refers to AtomGit to avoid accidental cross-platform operations.

Review Dimensions

Purpose & Capability
ok · The name/description describe AtomGit repository and admin workflows and the skill only requests ATOMGIT_TOKEN and references AtomGit MCP tools and endpoints. There are no unrelated credentials, binaries, or install steps demanded that would be disproportionate to a repo/PR/issue management skill.
Instruction Scope
ok · SKILL.md restricts actions to AtomGit contexts, instructs the agent to inspect the runtime tool list, gather identifiers before mutating state, prefer reads over writes, and to pause if the MCP server is missing. It explicitly forbids asking users to paste tokens into chat and disallows in-task automatic installs—these instructions stay within the stated purpose.
Install Mechanism
ok · No install spec or code is present — the skill is instruction-only. The README and references point to upstream MCP server sources and an npm package, but the skill does not perform any downloads or installations itself.
Credentials
ok · Only ATOMGIT_TOKEN is declared and used as the primary credential, which is appropriate for an API-driven repository management skill. The docs advise storing tokens in a client secret store and not pasting them in chat.
Persistence & Privilege
ok · The skill does not request always:true or other elevated platform privileges. It's user-invocable and allows normal autonomous invocation, which is the platform default and appropriate here.