TPM Copilot
Review
Audited by ClawScan on May 10, 2026.
Overview
TPM Copilot mostly matches its project-management purpose, but one Jira ticket-creation workflow can act on a global action list rather than the selected program, so users should review its scope carefully.
Install only if you are comfortable granting it access to your project-management and source-control systems. Use restricted tokens, review `tpm/config.json`, verify Slack/email destinations, and do not run `action-tracker.sh --create-tickets` until you have inspected the action list and confirmed it is limited to the intended program/project.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user runs `--create-tickets`, it may create Jira tickets outside the intended program scope or in the wrong/default project.
The script accepts a `--program` argument but uses the global `meetings/actions.json` file and then creates Jira tickets for all open actions, defaulting to project `TASK` when no project is set.
--program) PROGRAM="$2"; ... actions_file = os.path.join(base_dir, "meetings", "actions.json") ... for a in open_actions: ... requests.post(f"{jira_url}/rest/api/3/issue", ... "project": {"key": a.get("project", "TASK")})
Filter actions by program, require an explicit Jira project, show a dry run, and ask for confirmation before creating tickets in bulk.
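What that recommendation looks like in code, as an added example that is not TPM Copilot's own script: actions are filtered by the requested program, the Jira project must be explicit (no silent fallback to `TASK`), the payloads are built as a dry run, and bulk creation is gated on a confirmation. The `program`, `status` and `project` fields on each action entry, the sample action list, and the `post` callable are assumptions.

```python
# Added example (not TPM Copilot's own code): hardened ticket-creation path.
# Assumed action schema: "description", "owner", "status", "program", and
# optionally "project". SAMPLE_ACTIONS is constructed data, not a real store.
import json

SAMPLE_ACTIONS = json.loads("""[
 {"description": "Draft rollout plan", "owner": "ana", "status": "open",
  "program": "payments", "project": "PAY"},
 {"description": "Review vendor SLA", "owner": "ben", "status": "open",
  "program": "billing"},
 {"description": "Close Q1 retro", "owner": "ana", "status": "done",
  "program": "payments", "project": "PAY"}
]""")

def select_actions(actions, program):
    """Open actions tagged with the requested program only, never the whole store."""
    if not program:
        raise ValueError("--program is required for --create-tickets")
    return [a for a in actions
            if a.get("status") == "open" and a.get("program") == program]

def plan_tickets(actions, program, project=None):
    """Build Jira issue payloads without sending them (dry run).
    Every action needs an explicit project key; there is no default."""
    payloads = []
    for a in select_actions(actions, program):
        key = a.get("project") or project
        if not key:
            raise ValueError(f"no Jira project for action: {a['description']!r}")
        payloads.append({"fields": {
            "project": {"key": key},
            "summary": a["description"],
            "issuetype": {"name": "Task"}}})
    return payloads

def confirm_and_create(payloads, post, answer):
    """Create tickets only after an explicit 'yes'; `post` sends one payload."""
    if answer.strip().lower() != "yes":
        return 0
    for p in payloads:
        post(p)
    return len(payloads)

if __name__ == "__main__":
    plan = plan_tickets(SAMPLE_ACTIONS, "payments")
    print(f"DRY RUN: {len(plan)} ticket(s) would be created")
    for p in plan:
        print(" ", p["fields"]["project"]["key"], "-", p["fields"]["summary"])
```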
Tokens or authenticated CLI sessions may let the skill read project data and, in some workflows, create or post information.
The skill needs credentials or existing authenticated sessions for multiple business systems. This is expected for the integration, but it is sensitive account access.
Jira — `JIRA_BASE_URL`, `JIRA_EMAIL`, `JIRA_API_TOKEN` ... Linear — `LINEAR_API_KEY` ... GitHub — uses `gh` CLI (already authenticated) or `GITHUB_TOKEN` ... Slack — `SLACK_WEBHOOK_URL`
Use least-privileged tokens, restrict Jira/GitHub scopes to the needed projects/repos, protect `config.json`, and rotate credentials if the workspace is shared.
Sensitive meeting details, names, due dates, and source file paths may remain in the local workspace and can later influence ticket creation.
Meeting-note action items are extracted and persisted to a reusable local action store.
actions.append({"description": a, "owner": owner, "due_date": due, "status": "open", "source_file": notes_file, ...}) ... with open(actions_file, "w") as f: json.dump(existing, f, indent=2)
Process only trusted meeting notes, review extracted actions before reuse, and periodically clean or archive the action store.
Program or dependency details can leave the local workspace and appear in the configured Slack destination.
When alerting is enabled, dependency information is sent to a configured Slack webhook.
webhook = global_config.get("slack", {}).get("webhook_url", "") or os.environ.get("SLACK_WEBHOOK_URL", "") ... requests.post(webhook, json={"text": text}, timeout=10)
Verify the webhook URL and channel, avoid using broad/shared webhooks for confidential programs, and use Slack webhooks with limited access.
The local environment and package/CLI provenance affect how safely the skill runs.
Setup depends on a user-installed Python package and GitHub CLI, but the registry has no install spec or pinned dependency versions.
pip3 install requests
For GitHub: install `gh` CLI and authenticate (`gh auth login`).
Install dependencies from official sources, consider pinning package versions, and declare these requirements in metadata.
