ClawHub

Github

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent instruction-only GitHub CLI skill, but it will use your local GitHub CLI setup and includes broad `gh api` capability.

This skill appears safe for normal GitHub CLI use. Before installing or using it, make sure your local `gh` CLI is trusted, confirm which GitHub account is authenticated, and review any command that writes, deletes, merges, posts, or uses `gh api` beyond read-only queries.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

#
ASI02: Tool Misuse and Exploitation
Low
What this means

If used beyond the examples, the agent could ask the GitHub CLI to perform broader account or repository actions through the API.

Why it was flagged

`gh api` is a broad GitHub API interface. The shown example is read-only, and this is purpose-aligned, but users should review any generated API endpoint, method, or payload before allowing actions beyond queries.

Skill content
The `gh api` command is useful for accessing data not available through other subcommands.
Recommendation

Review `gh api` commands carefully, especially any that use POST, PATCH, PUT, or DELETE methods, and confirm the target repository and endpoint.

#
ASI03: Identity and Privilege Abuse
Low
What this means

Commands may run with the permissions of whichever GitHub account or token is currently configured in the local `gh` CLI.

Why it was flagged

The skill is expected to use GitHub access, and `gh` commonly uses the user's existing local GitHub authentication. The metadata does not declare a credential, but the artifacts do not show credential capture, logging, or unrelated account use.

Skill content
Description: Interact with GitHub using the `gh` CLI... Primary credential: none
Recommendation

Check `gh auth status` and use a least-privileged GitHub account or token for the repositories you intend the agent to access.

#
ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

The skill will only work safely if the user already has a trusted GitHub CLI installed and configured.

Why it was flagged

The skill depends on the external `gh` CLI according to its instructions, but the metadata does not declare that dependency. This is a metadata completeness issue rather than evidence of hidden code.

Skill content
Required binaries (all must exist): none ... No install spec — this is an instruction-only skill.
Recommendation

Install GitHub CLI from an official source if needed, keep it updated, and verify the binary being used is the expected `gh` executable.