Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Gogetajob
v1.0.2
Open-source contribution workflow — find GitHub issues, implement fixes, submit PRs, track results. Use when: (1) starting a work loop or contribution cycle...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to orchestrate finding issues, implementing fixes, and submitting PRs — that purpose justifies use of git, gh, and a code-generation assistant. However, the registry metadata lists no required environment variables or config paths while SKILL.md explicitly requires an authenticated `gh` CLI and a `claude` CLI. Not declaring those credentials/config requirements is incoherent and reduces transparency about what access the skill actually needs.
Instruction Scope
SKILL.md instructs the agent to read local knowledge-base files (knowledge-base/projects/<repo>.md), repo files (CONTRIBUTING.md, git history, tests), and to run `acpx --approve-all claude exec` sending full issue/context to Claude Code. That means potentially large amounts of repository context (and any secrets that appear in that context) would be sent to an external model. The instructions also require the agent to run commands that auto-approve execution (`--approve-all`), which widens what may be executed without manual review.
Install Mechanism
This is an instruction-only skill with no install spec and no code files — lowest install risk. It does instruct use of optional npm package `@kagura-agent/gogetajob` and external CLIs, but it does not itself download or install untrusted archives.
Credentials
The skill will require authentication for GitHub (`gh auth status`) and for the Claude CLI, and practical use expects git configuration and possibly an npm-installed CLI. None of these credentials or config paths are declared in the metadata. Asking users to run commands that send repo context to an external model without declaring required credentials is disproportionate and lacks transparency.
Persistence & Privilege
The skill does not request `always: true` or other elevated persistence. It does not include an install step that modifies other skills or system-wide agent settings. Normal autonomous invocation remains possible (platform default).
What to consider before installing
This skill broadly matches its stated purpose, but there are important mismatches and privacy risks to consider before using it:
- It expects an authenticated `gh` CLI and a `claude` CLI (Anthropic/Claude) but the registry metadata declares no required credentials — confirm what tokens/keys it needs and why.
- The workflow instructs sending repository context and issue details to Claude via `acpx --approve-all claude exec`. That can leak code and any secrets accidentally present in the repo or knowledge-base files to an external service, and the `--approve-all` flag may auto-run actions without review.
- Ask the publisher for provenance (who maintains this skill, repo/homepage). If you must try it: run only in an isolated/dev environment, review all commands (avoid `--approve-all`), ensure sensitive files are excluded from prompts, and ensure your GitHub/Claude credentials are scoped minimally (use disposable tokens). Prefer a skill that declares required env vars/config paths explicitly.

Like a lobster shell, security has layers — review code before you run it.
latest vk9743c4vqmp6y9t8t146v8284583yp70
