Skillv0.0.3

ClawScan security

GitHub Release Analyzer · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 30, 2026, 2:55 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code, runtime instructions, and resource access line up with its stated purpose of fetching and summarizing GitHub releases; it requires only python3 and stores lightweight state under the user's home directory.
Guidance: This skill appears coherent and implements what it claims: it will run the bundled Python scripts, make public GitHub API calls, and store small JSON state files under ~/.openclaw/workspace/state/github-release-analyzer/. Before installing, consider: (1) the skill will execute Python code included in the package — review the scripts if you want to inspect behavior; (2) cron mode will write and update local state files (so test manual mode first); (3) it makes unauthenticated GitHub API calls and does not support private-repo tokens out of the box; (4) public GitHub API rate limits may apply. If any of these are unacceptable, do not enable automated/crON invocation or modify the code to suit your environment.

Review Dimensions

Purpose & Capability: okName/description match the actual behavior: the code fetches releases from the GitHub Releases API, filters/formats them, renders summaries, and optionally persists processed state. Required binary is only python3 and no unrelated credentials or services are requested.
Instruction Scope: okSKILL.md is explicit and constrained: it instructs running the included python scripts (prepare, render, commit), reading the provided reference files, and following a deterministic pipeline. The only external network calls are to GitHub's API (api.github.com) for release data. It does read and write a local state file (see persistence note) but does not instruct reading arbitrary system files or environment variables.
Install Mechanism: okThere is no install spec; this is run directly as included Python scripts. That is low risk compared with downloading or executing code from arbitrary remote URLs. All code is present in the bundle.
Credentials: okThe skill requests no environment variables or secrets. It makes unauthenticated requests to the public GitHub Releases API (fair for public repos); it does not request GitHub tokens or other unrelated credentials. If you need private-repo access, the skill currently provides no credential flow.
Persistence & Privilege: noteThe skill persists state under ~/.openclaw/workspace/state/github-release-analyzer/{stateKey}.json for cron tracking and updates that file on commit. This persistent local state is expected for cron mode but is worth knowing before enabling automated runs.