Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Batch Migration Orchestrator

v1.0.0

Use when the user wants a large, mechanical change split into many independent units and executed in parallel with isolated workers and PRs.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name and description align with the SKILL.md: it plans and parallelizes large codebase migrations. However, the workflow explicitly references inspecting the repo, creating isolated branches/worktrees, launching workers, and producing PRs/patches — capabilities that typically require git and VCS credentials, yet the skill declares no required binaries or credentials.
Instruction Scope
Instructions are concrete and limited to decomposition, verification, and parallel execution. They instruct the agent to read the repository, split units, validate each unit, and collect PRs/patches. That is in-scope for a migration orchestrator, but the instructions implicitly require repository access and the ability to push/merge (or at least produce patches) which are not documented or constrained.
Install Mechanism
Instruction-only skill with no install spec and no code files to execute. This minimizes installation risk — nothing will be downloaded or written by an install step.
Credentials
The skill may need git, network access to remotes, and tokens for creating pushes/PRs, but it declares no required environment variables or primary credential. That absence is a proportionality gap: orchestration that creates PRs normally requires credentials (SSH keys or API tokens); the skill neither requests nor documents those, so it's unclear what privileges the agent will use to perform write operations.
Persistence & Privilege
always:false (good). Model invocation is allowed (default), meaning the agent can run this skill autonomously; combined with the environment/credential gap, that raises the blast radius if the agent has repository write permissions. The skill does not request persistent installation or modify other skills.
What to consider before installing
This skill appears to be a reasonable blueprint for splitting and running large code migrations, but it assumes the agent can read and modify the repository and create PRs/patches without documenting required tools or credentials. Before using it: (1) verify what repository access the agent will actually have (read-only vs write/push), (2) avoid granting broad credentials — use a scoped token or run on a fork/CI runner with limited rights, (3) prefer a dry-run mode where the skill only produces patches rather than pushing them, and (4) require human review/approval before any worker pushes branches or opens PRs. If you need this to run fully autonomously, require the skill to explicitly declare required binaries (git) and the exact credential mechanism it will use.
