Github Stars Tracker

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to manually check GitHub star/fork counts, use a GitHub token only for GitHub API access, and store tracking data locally.

This looks safe to install if you are comfortable running the included Python script, storing a local list of tracked repositories, and using only a minimal GitHub token if one is needed.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An over-scoped GitHub token could expose more GitHub authority than this tracker needs, even though the code only shows it being sent to GitHub's API.

Why it was flagged

The script uses a user-provided GitHub token for GitHub API requests. This is expected for the skill's purpose, but GitHub tokens can carry broader account permissions if over-scoped.

Skill content

    token = get_github_token()
    if token:
        headers["Authorization"] = f"token {token}"

Recommendation

Use no token for public-only tracking when possible, or use a fine-grained/read-only token with the minimum permissions needed.

What this means

Anyone with access to that local file may see which repositories are being tracked; the artifacts do not show token storage or external sharing of this file.

Why it was flagged

The skill persists the list of tracked repositories and last observed counts in a local home-directory JSON file for later checks.

Skill content

    DATA_FILE = os.path.expanduser("~/.github-stars-tracker.json")

Recommendation

Avoid tracking sensitive private repository names on shared machines, and delete `~/.github-stars-tracker.json` if you want to reset stored state.

What this means

A user may be surprised that the skill needs Python and may use a GitHub token, since the registry-level requirements list neither.

Why it was flagged

The package metadata file declares python3 and GITHUB_TOKEN, while the registry metadata summary lists no required binaries or environment variables. This is a disclosure mismatch, not evidence of hidden code.

Skill content

    "requires": {
      "bins": ["python3"],
      "env": ["GITHUB_TOKEN"]
    }

Recommendation

Update the registry metadata/capability declarations to match the included _meta.json and SKILL.md requirements.