Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Github Custom

v1.0.0

Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

- VirusTotal: Benign
- OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description and SKILL.md consistently describe a gh CLI wrapper for GitHub operations — that purpose is coherent. However, the skill does not declare the gh CLI as a required binary or any authentication variables, which would normally be expected for a GitHub CLI skill.
Instruction Scope
SKILL.md only contains concrete gh CLI commands (pr/checks, run list/view, gh api usage, --json/--jq examples). It does not instruct reading unrelated files, contacting arbitrary external endpoints, or collecting extra system data.
Install Mechanism
This is instruction-only with no install spec and no code files — low install risk. Nothing will be downloaded or written by an installer.
Credentials
No env vars or primary credential are declared, but the gh CLI typically requires authentication (gh auth) or GITHUB_TOKEN/gh config. The absence of any auth guidance or declared credential is an omission. The skill does not request unrelated secrets.
Persistence & Privilege
`always` is false and the skill is user-invocable. It does not request persistent/system-wide modifications in its instructions or manifest.
What to consider before installing
This skill appears to be a simple set of instructions for using the gh CLI, but there are some red flags you should consider before installing:

- The SKILL.md assumes the gh CLI and authenticated GitHub access, but the skill metadata does not declare gh as a required binary nor does it declare any credential variables. Verify the runtime environment will have gh installed and authenticated (gh auth login or a valid GITHUB_TOKEN) before relying on this skill.
- The included _meta.json ownerId and slug differ from the registry metadata shown; this mismatch suggests packaging or provenance issues. Prefer skills with a clear homepage or known publisher; contact the publisher or registry to confirm the origin.
- Although the instructions are limited to gh commands, gh api and gh run view could access or transmit repository data; only install this skill if you trust the agent's ability to run commands and the repositories it will access.
- If you want to reduce risk, restrict the skill to manual invocation (do not allow autonomous invocation) and confirm which repository names the skill will be allowed to operate on.

If you can verify the publisher, ensure gh is installed and authenticated, and you accept that the agent may run gh commands against repositories, this skill is usable; otherwise treat it as untrusted until provenance and auth details are clarified.
