GitHub Auto Reply
Advisory
Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A misconfigured template or trigger could post unwanted public replies, though the artifact does not show hidden or destructive behavior.
The workflow automatically posts an issue comment whenever a new issue is opened. This is the advertised function, but it is still a repository mutation and may create public-facing output.
on:
  issues:
    types: [opened]
...
github.rest.issues.createComment({ ... body: reply })

Review the reply text, test in a noncritical repository, and consider narrower triggers or manual approval if public replies require review.
The repository's Actions policy could become broader than necessary, and unpinned action versions can change over time.
The setup depends on an external GitHub Action pinned only to a major version and suggests enabling all Actions rather than only the needed action.
uses: actions/github-script@v6 ... Repository Settings > Actions > Allow all actions
Pin the action to a trusted immutable version or commit SHA, and prefer allowing only the required trusted Actions instead of enabling all Actions.
The workflow needs permission to write issue comments, and broad default GitHub token permissions may grant more access than this task needs.
The workflow uses GitHub API authority from the Actions runtime to write issue comments. This is expected for the integration, and no token logging or unrelated credential use is shown.
github.rest.issues.createComment({
  issue_number: context.issue.number,
  owner: context.repo.owner,
  repo: context.repo.repo,
  body: reply
});

Add an explicit least-privilege permissions block, such as issue-comment write access only, and avoid using personal tokens for this workflow.
