Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
polish
v2.2.0Pre-release code review - runs lint/type checks, then launches 3 parallel review agents (cleanliness, design, efficiency) to analyze the diff, synthesizes a...
⭐ 0· 38·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description (pre-release code review) align with the instructions and the included test fixtures (cleanliness, design, efficiency). The skill does not request unrelated credentials or binaries. However, the SKILL.md instructs launching model-backed agents (Agent tool with model: "opus") while the skill metadata sets disable-model-invocation: true — this is an internal inconsistency about whether the skill may invoke models.
Instruction Scope
Instructions explicitly run git commands, read diffs and open every changed file (which is expected for code review). They also direct the agent to package the full diff and changed-file context and send it to three parallel agents (model: "opus"). Sending full repository diffs to an external model is expected for automated reviews but is a sensitive action: the SKILL.md gives the agent broad discretion to read and transmit full code diffs. Confirm where the receiving model runs and how data is handled/stored.
Install Mechanism
No install spec and no runtime dependencies — lowest-risk installation footprint. The repository only includes evaluation fixture setup scripts and tests; nothing is downloaded or written to system paths by an installer.
Credentials
The skill declares no required environment variables, credentials, or config paths. The runtime instructions reference project files (CLAUDE.md, git state) only — which is appropriate for a local code-review tool.
Persistence & Privilege
Flags show always:false and user-invocable:true; the skill does not request permanent presence or elevated privileges. It does not modify other skills or system-wide settings in the provided materials.
What to consider before installing
This skill appears to do what it says (run lint/type checks, analyze diffs, and synthesize findings), but before installing: 1) confirm the disable-model-invocation:true metadata — the SKILL.md expects to launch model-backed agents (model: "opus"); ask the publisher which model endpoint is used and whether model invocations are actually allowed by the platform; 2) accept that the skill explicitly reads full diffs and changed files and instructs sending them to review agents — if your repo contains sensitive or proprietary code, verify the model endpoint's privacy/storage policy or run the skill in an isolated/local environment; 3) because the source/publisher is unknown, consider reviewing SKILL.md and the fixture scripts locally (they only create test repos) and testing on a non-sensitive repo first; 4) if you require guarantees that code never leaves your infrastructure, ask for clarification on where "opus" runs or request a version that performs only local static analysis without external model calls.evals/fixtures/efficiency/setup.sh:62
File read combined with network send (possible exfiltration).
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.Like a lobster shell, security has layers — review code before you run it.
latestvk973bcxkg06zfebbscg1gngrgd845ccg
License
MIT-0
Free to use, modify, and redistribute. No attribution required.