ClawHub

GitHub Projects Explorer

v1.0.6

Search and analyze trending GitHub repositories by topics, star count, and creation date. Supports filtering by multiple tags, minimum stars, and time range....

2· 1.8k·6 current·6 all-time
bymanifold@manifoldor
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (discover GitHub repos) align with the included Python script and reference doc. All required functionality (topic, stars, days, lang, sort) is implemented and justified.
Instruction Scope
SKILL.md and the script are narrowly scoped to building and issuing GitHub search requests. The only actionable system instruction suggested is optionally exporting GITHUB_TOKEN (including an example that appends it to ~/.zshrc) — standard but worth noting because it writes a secret to a shell rc file if followed verbatim.
Install Mechanism
No install spec; this is instruction-only with a small Python script that uses the standard library (urllib). Nothing is downloaded or written by the skill itself during installation.
Credentials
No required env vars are declared; the only optional environment variable used is GITHUB_TOKEN, which is appropriate and expected for increasing GitHub API rate limits. No other credentials or unrelated environment access is requested.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or system-wide settings, and runs as a one-off script. The only persistence hinted in docs is an optional user action (adding GITHUB_TOKEN to ~/.zshrc).
Assessment
This skill appears coherent and implements only GitHub search functionality. Before running: (1) review the included Python script (it uses only the Python stdlib and calls api.github.com); (2) prefer exporting GITHUB_TOKEN in a secure session (export GITHUB_TOKEN=...) rather than echoing it into shell rc files if you want to avoid storing secrets in plaintext configs; (3) create a token with minimal privileges (searching public repos does not require repo scopes) and avoid pasting tokens into logs or screenshots. If you need stronger isolation, run the script in a disposable environment (container/VM).

Like a lobster shell, security has layers — review code before you run it.

latestvk970z1sp79a8b1z7974a0xwsr183tgs1

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments