ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Open Source Analysis

v1.0.2

Analyze an open source GitHub repository and generate a structured report. Trigger whenever the user provides a GitHub repository URL to analyze, or explicit...

1· 53·0 current·0 all-time
byXudong Guo@sunny0826
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's stated purpose (analyze GitHub repositories) matches the runtime instructions (use GitHub API, read README/commits/issues/PRs). However, the registry metadata lists no required environment variables while SKILL.md explicitly declares and uses GITHUB_TOKEN. That discrepancy is unexpected: a GitHub-analysis skill reasonably may use GITHUB_TOKEN, but the registry should reflect that. Also SKILL.md mentions optionally using the gh CLI (not required) — that's reasonable but not declared in required binaries.
Instruction Scope
SKILL.md limits actions to fetching repository metadata and textual contents (README, commits, issues, PRs) and explicitly warns NEVER to execute repository commands — this scope stays within the stated purpose. It also includes language-detection and strict output formatting rules; those are functional and do not expand scope to unrelated data access.
Install Mechanism
Instruction-only skill with no install spec and no code files. That minimizes on-disk persistence and reduces installation risk.
Credentials
The only sensitive thing the skill references is GITHUB_TOKEN (used to raise API rate limits). Requesting that token is proportionate for heavy GitHub API usage. However, the registry metadata omits this env var while SKILL.md references it — an inconsistency users should notice. No other secrets or config paths are requested.
Persistence & Privilege
always:false and no install code means the skill does not request permanent forced inclusion or elevated platform privileges. Being an instruction-only skill, it doesn't modify other skills or system configs.
What to consider before installing
This skill appears to do what it says: analyze public GitHub repositories and generate a formatted report. Two things to consider before installing/using it: (1) provenance — the skill's source/homepage is unknown; that reduces trust because you can't verify the publisher or audit a code bundle (this skill is instruction-only but still published by an unknown owner). (2) token handling — SKILL.md will look for GITHUB_TOKEN and, if present, add an Authorization header to API calls to avoid rate limits. The registry metadata currently omits that env var, which is a bookkeeping mismatch but important to you: only provide a GitHub token if you trust the skill and follow the principle of least privilege. If you do provide a token, prefer a token with minimal scopes (avoid granting write scopes; for public-repo reads no special scopes are required), or authenticate via the gh CLI rather than exposing a long-lived personal token. Finally, because the skill has no code files and warns not to execute repo content, the immediate technical risk is low — but verify the publisher or ask them to correct the registry metadata (declare GITHUB_TOKEN) before granting credentials or using it with sensitive accounts.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d3e3fpx8wvsyxy1tb09tzm1842h39

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments