ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Nm Imbue Diff Analysis

v1.0.0

Analyze changesets with risk scoring, categorization by type/impact, and release note preparation

0· 54·1 current·1 all-time
by@athola
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and the provided modules (git-diff patterns, semantic categorization, risk framework) align with a changeset analysis/release-note workflow. Use of git and optional 'sem' tooling is expected for this purpose.
Instruction Scope
The SKILL.md explicitly instructs the agent to gather git workspace context (git log/diff/counts) and to use sanctum:git-workspace-review to collect repository context. That collection is coherent for diff analysis but it means the agent will read local repository contents and metadata. The skill also instructs use of imbue:proof-of-work and imbue:structured-output to capture and format artifacts; where those artifacts are stored or sent is not described in this skill and should be validated.
Install Mechanism
Instruction-only skill with no install spec and no bundled code. No files are downloaded or executed by the skill itself, which lowers installation risk.
Credentials
The skill requests no environment variables or external credentials. It does declare a required config path (night-market.imbue:proof-of-work) — plausible for storing analysis evidence, but the destination, retention, or access control for that config entry is not described and should be checked to ensure it doesn't cause unintended data exposure.
Persistence & Privilege
always is false and autonomous invocation is allowed by default (platform behavior). The skill does not request elevated system-wide privileges or claim to modify other skills' configurations; however it integrates with other skills that may persist artifacts (see proof-of-work).
What to consider before installing
This skill appears to legitimately perform diff analysis, but it relies on helper skills/modules that will read your repository and capture 'proof-of-work' artifacts. Before installing or running it: (1) inspect what imbue:proof-of-work and imbue:structured-output actually do — where are artifacts stored or transmitted and who can access them; (2) confirm sanctum:git-workspace-review runs locally and does not upload repository contents to an external service; (3) run the skill on a non-sensitive test repository first; (4) if you have sensitive secrets in your repo, ensure the skill (and the referenced helpers) are configured to redact or never transmit those files. If you cannot verify where proof-of-work artifacts go, avoid using the skill with private code.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🦞 Clawdis
Confignight-market.imbue:proof-of-work
latestvk97ds9wx3fk6wg8zqy2s5cy8gn84pj63
54downloads
0stars
1versions
Updated 6d ago
v1.0.0
MIT-0
@athola
latest
Download

Night Market Skill — ported from claude-night-market/imbue. For the full experience with agents, hooks, and commands, install the Claude Code plugin.

Table of Contents

Diff Analysis Methodology

Overview

Structured method for analyzing changesets: categorize changes, assess risks, generate insights. Works for git diffs, configuration changes, API migrations, schema updates, or document revisions.

When To Use

  • Extracting insights from raw change data
  • Categorizing and prioritizing changes before code reviews
  • Preparing release notes or changelogs
  • Assessing migration scope and risk

When NOT To Use

  • Quick context catchup - use catchup instead
  • Full PR review - use review-core with pensive skills

Activation Patterns

Trigger Keywords: diff, changes, release notes, changelog, migration, impact, risk assessment

Auto-Load When: Git diffs present, change analysis requested, impact assessment needed.

Progressive Loading

Load modules based on workflow stage:

Always Load

  • modules/semantic-categorization.md for change categorization workflow

Conditional Loading

  • modules/risk-assessment-framework.md when risk assessment is needed
  • modules/git-diff-patterns.md when working with git repositories

Integration

  • Use sanctum:git-workspace-review for git data gathering
  • Use imbue:proof-of-work for capturing analysis evidence
  • Use imbue:structured-output for formatting final deliverables

Required TodoWrite Items

  1. diff-analysis:baseline-established
  2. diff-analysis:changes-categorized
  3. diff-analysis:risks-assessed
  4. diff-analysis:summary-prepared

Mark each item complete as you finish the corresponding step.

4-Step Methodology

Step 1: Establish Baseline (diff-analysis:baseline-established)

Define comparison scope: what states are being compared, boundary of analysis, and scale metrics.

For git contexts, load modules/git-diff-patterns.md. For other contexts, compare relevant artifacts.

Step 2: Categorize Changes (diff-analysis:changes-categorized)

Group changes by semantic type. Load modules/semantic-categorization.md for change categories, semantic categories, and prioritization.

Step 3: Assess Risks (diff-analysis:risks-assessed)

Evaluate impact. Load modules/risk-assessment-framework.md for risk indicators, levels, and scoring methodology.

Step 4: Prepare Summary (diff-analysis:summary-prepared)

Synthesize findings: theme, scope with counts, risk level, review focus, dependencies. Format for downstream consumption (PR descriptions, release notes, reviews).

Exit Criteria

  • All TodoWrite items completed with categorized changes and risk assessment
  • Downstream workflows have semantic understanding of the changeset
  • Summary ready for appropriate consumption (review, release notes, planning)

Troubleshooting

Common Issues

Command not found Ensure all dependencies are installed and in PATH

Permission errors Check file permissions and run with appropriate privileges

Unexpected behavior Enable verbose logging with --verbose flag

Comments

Loading comments...