Skill v1.0.0
ClawScan security
TPM Copilot · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 24, 2026, 10:06 PM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: This TPM Copilot skill appears to do what it claims (pulling from Jira/Linear/GitHub/calendars and producing reports/alerts) and the scripts are consistent with that purpose, but it expects multiple external API credentials and will read/write a workspace in your home directory — review credentials and config before use.
- Guidance: This package is internally consistent with its claimed purpose, but you should: (1) review and place API credentials deliberately — use least-privilege tokens (e.g., project-scoped Jira tokens, machine/service accounts where possible), (2) inspect the generated workspace ($HOME/.openclaw/workspace/tpm by default) and config.json before running, (3) be aware scripts can create Jira issues and post to Slack/email — test with a sandbox project/webhook first, (4) avoid supplying org-wide admin tokens: prefer individual or service-account tokens with limited scopes, (5) verify gh CLI is authenticated to the correct GitHub account and test gh commands manually, and (6) if you need the registry to reflect required env vars, ask the publisher to update metadata so automated permission checks can be accurate.
Review Dimensions
- Purpose & Capability (ok): The name/description align with the included scripts: they query Jira, Linear, GitHub (via gh or token), parse meeting notes, build reports, track risks/dependencies and optionally post to Slack or email. Required tools and data sources mentioned in SKILL.md are appropriate for a TPM/PM automation tool.
- Instruction Scope (concern): Runtime instructions and scripts read and write the user's TPM workspace (default: $HOME/.openclaw/workspace/tpm), process meeting notes, and call external APIs (Jira, Linear, GitHub via gh, Slack webhook, possible email providers). That scope is expected given the purpose, but the skill will attempt network calls and create tickets/alerts when configured — confirm you want those actions. Also, SKILL.md and scripts reference environment variables and config paths that were not declared in the registry metadata (see environment_proportionality).
- Install Mechanism (ok): There is no install spec (instruction-only), and included scripts are executed in-place. The scripts prompt the user to install 'requests' and require the 'gh' CLI for GitHub operations; no remote downloads or obscure installers are used in the provided files.
- Credentials (concern): The skill expects multiple credentials and configuration: JIRA_BASE_URL/JIRA_EMAIL/JIRA_API_TOKEN, LINEAR_API_KEY, GITHUB_TOKEN or gh CLI auth, SLACK_WEBHOOK_URL, calendar/email API keys, and program-specific config.json files. Those credentials are proportionate to the described integrations, but the registry metadata lists no required env vars — the omission is a mismatch you should be aware of. Ensure you provide least-privilege API tokens and avoid using highly-privileged or shared organization-wide tokens.
- Persistence & Privilege (ok): The skill writes to and reads from a workspace directory it creates (config.json, state.json, programs/*, meetings/*, risks/*, dependencies/*). It does not request always:true or modify other skills; workspace persistence and file writes are normal for this type of tool. Review files it creates and their locations before running.
