Skill v0.1.0

ClawScan security

Forgejo · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 9:28 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is internally consistent: it simply wraps the 'tea' CLI to interact with Forgejo and only asks to install/use that binary; nothing requested appears unrelated to the stated purpose.
Guidance
This skill is a thin wrapper around the tea CLI and is coherent with its description, but review these practical points before installing:

1) Installation: brew and go are standard install methods; prefer the package source you trust (the Homebrew formula or the upstream Go module).
2) Tokens: you provide a Forgejo token via 'tea login add', and the tea CLI stores and manages it on disk. Only create tokens for Forgejo instances you trust, and scope them to the permissions the skill actually needs.
3) Sensitive operations: the skill documents commands to list repository secrets and variables. Those commands require the corresponding repository permissions, and their output (variable values, and the names of secrets) is sensitive; do not run them against repositories you do not administer, and keep the output out of logs and chat transcripts.
4) Missing requirement: the docs suggest using 'jq' to filter API output, but jq is not declared as a required binary; install jq if you rely on that example.

If you need greater assurance, verify the Homebrew formula source or the Go module repository (code.gitea.io/tea) before installing.

Review Dimensions

Purpose & Capability
ok: Name and description map directly to the behavior in SKILL.md. The skill declares and requires the 'tea' CLI and provides brew/go install options for the same 'tea' project (code.gitea.io/tea), which is proportional to a Forgejo integration.
Instruction Scope
note: Runtime instructions stick to running 'tea' commands (pulls, issues, actions, api, login). They include operations that access repository secrets/variables (sensitive, but expected for a repo management CLI). The docs mention using 'jq' to filter API output, but 'jq' is not declared as a required binary; a minor inconsistency. There are no instructions to read unrelated local files or environment variables.
Install Mechanism
ok: Install options are standard: a Homebrew formula and a Go module (code.gitea.io/tea@latest). Both are reasonable ways to obtain the 'tea' CLI; neither uses obscure download URLs or extracts arbitrary archives.
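The Guidance above and this dimension both point at the same check: make sure the binary you end up running really came from the upstream Go module. The following is an added example, not part of the ClawHub scan or the tea project. It reads the build metadata Go embeds in every module-built binary (the output of `go version -m <binary>`) and rejects a `tea` binary whose main module is not code.gitea.io/tea or that carries no recorded module checksum (the `h1:` sum that `go install module@version` records). The three listings are constructed samples so the script runs offline; the function name, the checksum strings and the version numbers are this example's own, not values from the page.

```shell
#!/bin/sh
# Added example: verify that a `tea` binary installed with `go install` embeds
# code.gitea.io/tea as its main module and records a module checksum.
# Not part of the ClawHub scan or the tea project.
# Real usage:  go version -m "$(command -v tea)" | check_tea_buildinfo

EXPECTED_MODULE="code.gitea.io/tea"   # upstream module path named in the skill's install docs

# Reads `go version -m <binary>` output on stdin.
# Returns 0 when the main module path matches EXPECTED_MODULE and an h1: checksum
# is recorded; otherwise prints the reason and returns 1.
check_tea_buildinfo() {
    awk -v want="$EXPECTED_MODULE" '
        $1 == "path" { path = $2 }
        $1 == "mod"  { mod = $2; ver = $3; sum = $4 }
        END {
            if (path != want) { printf "reject: main package path %s, expected %s\n", path, want; exit 1 }
            if (mod  != want) { printf "reject: main module %s, expected %s\n", mod, want; exit 1 }
            if (sum !~ /^h1:/) { printf "reject: no module checksum for %s %s (local or vendored build?)\n", mod, ver; exit 1 }
            printf "ok: %s %s %s\n", mod, ver, sum
        }'
}

# Constructed sample: a binary built from the upstream module (checksum is a placeholder).
GOOD_SAMPLE='tea: go1.22.3
    path    code.gitea.io/tea
    mod     code.gitea.io/tea       v0.9.2  h1:CONSTRUCTEDNOTAREALCHECKSUM0000000000000000=
    dep     github.com/urfave/cli/v2        v2.27.1 h1:CONSTRUCTEDNOTAREALCHECKSUM1111111111111111=
    build   -buildmode=exe'

# Constructed sample: something named tea whose module is not the upstream project.
WRONG_MODULE_SAMPLE='tea: go1.22.3
    path    example.com/someone/tea
    mod     example.com/someone/tea v1.0.0  h1:CONSTRUCTEDNOTAREALCHECKSUM2222222222222222=
    build   -buildmode=exe'

# Constructed sample: built from a local checkout, so Go recorded no checksum.
NO_SUM_SAMPLE='tea: go1.22.3
    path    code.gitea.io/tea
    mod     code.gitea.io/tea       (devel)
    build   -buildmode=exe'

for s in "$GOOD_SAMPLE" "$WRONG_MODULE_SAMPLE" "$NO_SUM_SAMPLE"; do
    printf '%s\n' "$s" | check_tea_buildinfo
done
```

A matching module path and an `h1:` checksum tell you the binary was built from a published module version that the Go checksum database can vouch for; they do not replace reviewing the module source itself, which is the assurance step the Guidance describes.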
Credentials
note: The skill does not request environment variables or external credentials in its metadata. The SKILL.md instructs users to provide a Forgejo token via 'tea login add --token <your-token>', which is expected. Users should be aware that those tokens are stored and managed by the 'tea' CLI in its own config file and are sensitive: treat that file like a credential store (restrict its permissions) and prefer a token scoped to the repositories and permissions the skill actually needs. The skill itself does not request additional unrelated credentials.
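An added example of the hygiene check this dimension asks for, not part of the ClawHub scan or the tea project: audit the file where tea keeps the logins created with `tea login add`, reporting a too-permissive file mode, which instances hold a token, and any login that would send its token over plain HTTP or with TLS verification switched off. Token values are never printed. The file location (~/.config/tea/config.yml) and layout (a `logins:` list with `name`, `url`, `token` and `insecure` keys) are this example's assumptions, not something the scan page states; the two config files are constructed samples with made-up tokens.

```shell
#!/bin/sh
# Added example: audit tea's stored logins without exposing the tokens.
# Not part of the ClawHub scan or the tea project.
# Assumed (not stated by the scan page): tea writes logins to
# ~/.config/tea/config.yml as a `logins:` list with name/url/token/insecure keys.

# audit_tea_config [path]  -> 0 when nothing is wrong, 1 when there is a finding.
# Findings and a per-login summary go to stdout, one per line.
audit_tea_config() {
    f="${1:-${XDG_CONFIG_HOME:-$HOME/.config}/tea/config.yml}"
    status=0
    if [ ! -f "$f" ]; then
        echo "no tea config at $f"
        return 1
    fi
    # Tokens sit in plaintext in this file, so nobody else on the host may read it.
    if [ -n "$(find "$f" \( -perm -004 -o -perm -040 \) 2>/dev/null)" ]; then
        echo "finding: $f is group- or world-readable (chmod 600 it)"
        status=1
    fi
    # Walk the logins list; each `- name:` line starts a new entry.
    awk '
        BEGIN { bad = 0 }
        function flush(   has) {
            if (name == "") return
            has = (token != "") ? "token=set" : "token=missing"
            printf "login %-14s %-32s %s\n", name, url, has
            if (url ~ /^http:\/\//) { printf "finding: %s would send its token over plain HTTP (%s)\n", name, url; bad = 1 }
            if (insecure == "true") { printf "finding: %s has TLS certificate verification disabled (insecure: true)\n", name; bad = 1 }
            name = ""; url = ""; token = ""; insecure = ""
        }
        /^[ \t]*-[ \t]*name:/ { flush(); sub(/^[ \t]*-[ \t]*name:[ \t]*/, ""); gsub(/"/, ""); name = $0; next }
        /^[ \t]*url:/      { sub(/^[ \t]*url:[ \t]*/, "");      gsub(/"/, ""); url = $0 }
        /^[ \t]*token:/    { sub(/^[ \t]*token:[ \t]*/, "");    gsub(/"/, ""); token = $0 }
        /^[ \t]*insecure:/ { sub(/^[ \t]*insecure:[ \t]*/, ""); insecure = $0 }
        END { flush(); exit bad }
    ' "$f" || status=1
    return $status
}

# Constructed sample with made-up tokens: one sound login, one that is not.
SAMPLE_CFG="$(mktemp)"
CLEAN_CFG="$(mktemp)"
trap 'rm -f "$SAMPLE_CFG" "$CLEAN_CFG"' EXIT
cat > "$SAMPLE_CFG" <<'EOF'
logins:
  - name: forgejo-prod
    url: https://forgejo.example.org
    token: 0123456789abcdef0123456789abcdef01234567
    default: true
  - name: lab
    url: http://forgejo.lab.internal
    token: fedcba9876543210fedcba9876543210fedcba98
    insecure: true
EOF
chmod 644 "$SAMPLE_CFG"   # deliberately too permissive for the demonstration

# Constructed sample that should pass: HTTPS only, owner-readable only.
cat > "$CLEAN_CFG" <<'EOF'
logins:
  - name: forgejo-prod
    url: https://forgejo.example.org
    token: 0123456789abcdef0123456789abcdef01234567
EOF
chmod 600 "$CLEAN_CFG"

audit_tea_config "$SAMPLE_CFG"; echo "exit status: $?"
audit_tea_config "$CLEAN_CFG";  echo "exit status: $?"
```

Run it with no argument to audit the real config once the skill is installed; a non-zero exit means at least one finding. The plain-HTTP check matters because a bearer token in a cleartext request is readable by anyone on the path to the Forgejo instance, which is exactly the kind of instance the Guidance says not to hand a token to.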
Persistence & Privilege
ok: Skill is not always-enabled and does not request elevated or cross-skill configuration changes. It relies on installing/using the 'tea' binary only; there is no indication it modifies other skills or system-wide agent settings beyond installing the CLI.