ForkZoo
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name:
Developer:
Version:
Description: OpenClaw Agent Skill
Suspicious High-Entropy/Eval files: 4
This skill is classified as suspicious primarily due to its requirement for a GitHub Personal Access Token with broad `repo` and `workflow` scopes, as explicitly stated in `SKILL.md` and utilized across `scripts/adopt.sh`, `scripts/interact.sh`, and `scripts/status.sh`. While these permissions are plausibly necessary for the skill's stated purpose of managing GitHub-native digital pets (forking repositories, enabling GitHub Actions, dispatching workflows, and reading repository contents), they grant extensive control over a user's GitHub account, including private repositories and the ability to execute arbitrary code via workflows. There is no clear evidence of intentional malicious behavior or data exfiltration to external endpoints in the provided code, but the inherent risk associated with such broad permissions warrants a 'suspicious' classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A broad GitHub token can affect repositories and workflows beyond the pet if it is over-scoped or mishandled.
The skill asks for broad GitHub credential authority, and the registry metadata does not declare a primary credential or required environment variable.
GitHub Token with `repo` and `workflow` scopes
Use a least-privilege or temporary GitHub token, preferably scoped only to the intended pet repository/account, and revoke it when finished.
Remote workflows can run in your GitHub account’s forked repository and may change repository contents, consume Actions minutes, or publish output.
The adoption script enables GitHub Actions with all actions allowed in the newly forked repository, which is broader than a narrowly scoped pet workflow.
"https://api.github.com/repos/$GITHUB_USER/$REPO_NAME/actions/permissions" ... -d '{"enabled": true, "allowed_actions": "all"}'
Review the forked repository workflows before enabling Actions, restrict allowed actions where possible, and require explicit user confirmation before making these changes.
You would be trusting code and workflows from external repositories that were not reviewed in this skill package.
The script forks external template repositories and immediately dispatches a workflow, but the workflow contents and a pinned source revision are not included in the artifacts.
monkey) SOURCE_REPO="forkZoo/forkMonkey" ;; ... curl ... "https://api.github.com/repos/$GITHUB_USER/$REPO_NAME/actions/workflows/genesis.yml/dispatches"
Inspect the source pet repositories and their GitHub Actions workflows before adoption, and prefer pinning or documenting a specific reviewed commit.
Your pet repository may keep changing automatically unless you disable the workflows.
Persistent daily automation is disclosed and central to the pet concept, but it continues operating after setup.
Pets evolve automatically every day via GitHub Actions:
- AI (GPT-4o or Claude) decides mutations
Only adopt if you want ongoing automation, and disable GitHub Actions or delete the repository when you no longer want the pet to evolve.
