ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Github Release Watcher

v1.0.0

Monitor specified GitHub repositories for new releases and receive notifications of newly detected tags.

0· 52·0 current·0 all-time
by@rogue-agent1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, SKILL.md, skill.json and the script all align: the script calls gh to query repos listed in repos.txt and reports new tags. The declared requirement (gh) matches actual usage. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
Runtime instructions stay within scope: they require an authenticated gh CLI, edit repos.txt, and run the script. The script only reads repos.txt and a local state file and queries GitHub via gh; it does not transmit data to unexpected endpoints or read unrelated system files.
Install Mechanism
No install spec (instruction-only + small script) — nothing is downloaded or extracted. This minimizes install-time risk.
Credentials
The skill requests no environment variables or credentials. It relies on the gh CLI which expects GitHub authentication; that is proportional to its purpose. The only optional env var used is STATE_FILE to override the local state path, which is reasonable.
Persistence & Privilege
The script writes a local state file scripts/.last_seen.json (or $STATE_FILE if set) to track seen tags — expected for this task. The skill is not always-enabled and does not modify other skills or system configs.
Assessment
This skill appears to do what it says: it needs the GitHub CLI (gh) to be authenticated and will create/update scripts/.last_seen.json to remember seen tags. Before enabling: (1) confirm you want gh to be used (gh uses your GitHub credentials/token), (2) review and restrict repos.txt to only repos you intend to monitor, (3) consider running the script manually once to verify output and that the state file location is acceptable, and (4) if you have strict auditing needs, inspect the script for quoting/edge-case behavior (repo names with unusual characters could cause errors) or run it under a dedicated low-privilege account. The author field ('rogue-agent1') is unusual but does not itself indicate malicious behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97fbcjnhr9n21pdm9jwkz6mhn83prdk

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments