Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Repo Kanban PM
v0.1.1
Install and enforce a lightweight product-management workflow inside a code repo: feature-as-kanban boards, ROADMAP status tracking, branch/PR conventions, a...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's files and instructions align with the stated goal: it creates docs/pm, per-feature KANBAN files, bug intake, and patches AGENTS.md. There are no unrelated credentials or obviously extraneous capabilities in the bundle.
Instruction Scope
SKILL.md and the scripts stay within repo setup/PM enforcement. However, the optional cron payload text instructs the scheduled agent to run checks like `gh pr list` and `npx tsc --noEmit` (the latter can fetch/execute code via npm). While these commands are reasonable for a PM audit, they introduce the possibility of network activity and code execution when the cron-triggered agent runs. The scripts themselves do not immediately execute those commands, but they configure a scheduled autonomous job that will be asked to perform them.
Install Mechanism
This is an instruction-only skill with small helper scripts; nothing is downloaded or extracted and no install spec is present. Risk from install mechanism is low.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. One minor inconsistency: the add_daily_pm_cron.sh script invokes the `openclaw` CLI, but the skill metadata does not declare any required binary; if `openclaw` isn't present the cron-add step will fail. No secrets are requested or needed by the scripts.
Persistence & Privilege
The skill does not force permanent inclusion (always:false). However, the optional add_daily_pm_cron.sh creates an autonomous scheduled agent job (via `openclaw cron add --announce`) that will run daily and perform repo reads and lightweight checks. That scheduled job can execute commands (e.g., gh, npx) and broadcasts the repo path in the cron description/announcement — consider this persistence/autonomy when enabling the cron.
What to consider before installing
This skill appears to do what it promises (create ROADMAP/KANBAN templates and patch AGENTS.md). Before using it:
1) Inspect the two scripts in the repo and test them in a safe environment (a disposable clone or container).
2) If you enable the optional cron, be aware it schedules an autonomous agent run that may call `gh` and run `npx` in the repo — these actions can fetch code or network resources and will include the repo path in the cron announcement. Only enable the cron if you trust the OpenClaw environment/agent (`persey`) and the `openclaw` CLI behavior.
3) If you cannot trust autonomous agents or need stricter control, run init_repo_pm.sh manually and do not add the cron, or remove/adjust the cron message so it doesn't instruct potentially unsafe commands.
4) Consider adding the created documentation via a PR so maintainers can review changes to AGENTS.md and docs before merging.
latest: vk97cqevj4888s5rmhkhc1jxm5d81x3rf
