Skill v1.0.0
ClawScan security
github-fetcher · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 12, 2026, 7:42 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it declares and uses curl to fetch public GitHub content and its instructions match the described purpose.
- Guidance: This skill appears coherent and low-risk: it only needs curl and instructs the agent to fetch public GitHub files for analysis. Keep in mind: (1) public-only — it won’t access private repos unless you supply a GitHub token (the skill does not request one), (2) GitHub rate limits apply for unauthenticated calls (60/hr), and (3) fetched code should never be executed by the agent unless you explicitly instruct it to run code — fetching and analyzing are separate actions. If you plan to analyze private repositories, review and approve any mechanism that supplies an auth token, and consider rate limits and data-volume implications before enabling the skill.
Review Dimensions
- Purpose & Capability: ok. Name and description (fetch/analyze GitHub repos) match the declared requirement (curl) and the runtime instructions (use GitHub API and raw.githubusercontent URLs). There are no unrelated binaries, env vars, or config paths requested.
- Instruction Scope: ok. SKILL.md confines actions to fetching content from GitHub (api.github.com and raw.githubusercontent.com) and gives branch-fallback tips. It does not instruct reading local files, other env vars, or exfiltrating data to external endpoints.
- Install Mechanism: ok. Instruction-only skill with no install spec or downloads; lowest-risk model for installation because nothing is written to disk by the skill itself.
- Credentials: ok. No environment variables, credentials, or config paths are requested. This is proportionate for a skill targeting public GitHub content. Note: it cannot access private repos without an auth token, and the SKILL.md does not request one.
- Persistence & Privilege: ok. Flags show default behavior (not always:true). The skill does not request persistent presence or elevated privileges and does not modify other skills or system-wide settings.
