Security audit

Github_tracker

Security checks across malware telemetry and agentic risk

Overview

This GitHub activity tracker is mostly purpose-aligned, but it is hardcoded to a specific organization while asking users for their own org settings, and it handles broad private-repository activity data.

Review this before installing. Only use it if you intend to monitor the hardcoded OpenPecha team or you are prepared to edit the code to your intended organization and team. Use a least-privilege read-only GitHub token limited to the needed repositories, protect state.json and monitor logs, remove the bundled sample state from any shared copy, and enable the cron/channel posting only after confirming exactly what will be reported.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3107)

Dynamic attribute access via getattr()

Low
Category
Dangerous Code Execution
Content
_fmt.converter = time.gmtime
_handler.setFormatter(_fmt)
logging.basicConfig(
    level=getattr(logging, _lvl, logging.INFO),
    handlers=[_handler],
    force=True,
)
Confidence
50% confidence
Finding
level=getattr(logging, _lvl, logging.INFO),

Natural-Language Policy Violations

Low
Confidence
94% confidence
Finding
The automation schedule states it runs daily at 10:00 AM IST, which imposes a specific locale/timezone in the natural-language description. The file does not offer a timezone choice or explain that the skill is intended only for an India-based organization or region-specific workflow.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
This code fetches team membership using a GitHub token and logs the full member list, then later persists per-user commit activity metadata and breakdowns to state.json. Although there is logging, it is not a user disclosure of the privacy-impacting behavior, and there is no confirmation prompt, comment, or docstring warning that the script stores and logs identifiable activity data.

External Transmission

Medium
Category
Data Exfiltration
Content
"incomplete_results": false,
                "items": [
                    {
                        "url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/commits/357e776ce9d11883bdfa7d606d6fbba2f949388c",
                        "sha": "357e776ce9d11883bdfa7d606d6fbba2f949388c",
                        "node_id": "MDY6Q29tbWl0MTEzOTc0MDAwMzozNTdlNzc2Y2U5ZDExODgzYmRmYTdkNjA2ZDZmYmJhMmY5NDkzODhj",
                        "html_url": "https://github.com/OpenPecha/Assistant-Agent/commit/357e776ce9d11883bdfa7d606d6fbba2f949388c",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"sha": "357e776ce9d11883bdfa7d606d6fbba2f949388c",
                        "node_id": "MDY6Q29tbWl0MTEzOTc0MDAwMzozNTdlNzc2Y2U5ZDExODgzYmRmYTdkNjA2ZDZmYmJhMmY5NDkzODhj",
                        "html_url": "https://github.com/OpenPecha/Assistant-Agent/commit/357e776ce9d11883bdfa7d606d6fbba2f949388c",
                        "comments_url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/commits/357e776ce9d11883bdfa7d606d6fbba2f949388c/comments",
                        "commit": {
                            "url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/git/commits/357e776ce9d11883bdfa7d606d6fbba2f949388c",
                            "author": {
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"html_url": "https://github.com/OpenPecha/Assistant-Agent/commit/357e776ce9d11883bdfa7d606d6fbba2f949388c",
                        "comments_url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/commits/357e776ce9d11883bdfa7d606d6fbba2f949388c/comments",
                        "commit": {
                            "url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/git/commits/357e776ce9d11883bdfa7d606d6fbba2f949388c",
                            "author": {
                                "date": "2026-03-24T10:36:52.000+05:30",
                                "name": "TenzDelek",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
},
                            "message": "synchronizing variables with user prompt",
                            "tree": {
                                "url": "https://api.github.com/repos/OpenPecha/Assistant-Agent/git/trees/aa946825506b60544bb8192b4b038de2f1beecfb",
                                "sha": "aa946825506b60544bb8192b4b038de2f1beecfb"
                            },
                            "comment_count": 0
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"node_id": "U_kgDOB07rTQ",
                            "avatar_url": "https://avatars.githubusercontent.com/u/122612557?v=4",
                            "gravatar_id": "",
                            "url": "https://api.github.com/users/TenzDelek",
                            "html_url": "https://github.com/TenzDelek",
                            "followers_url": "https://api.github.com/users/TenzDelek/followers",
                            "following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"gravatar_id": "",
                            "url": "https://api.github.com/users/TenzDelek",
                            "html_url": "https://github.com/TenzDelek",
                            "followers_url": "https://api.github.com/users/TenzDelek/followers",
                            "following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
                            "gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"url": "https://api.github.com/users/TenzDelek",
                            "html_url": "https://github.com/TenzDelek",
                            "followers_url": "https://api.github.com/users/TenzDelek/followers",
                            "following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
                            "gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"html_url": "https://github.com/TenzDelek",
                            "followers_url": "https://api.github.com/users/TenzDelek/followers",
                            "following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
                            "gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"followers_url": "https://api.github.com/users/TenzDelek/followers",
                            "following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
                            "gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"following_url": "https://api.github.com/users/TenzDelek/following{/other_user}",
                            "gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
                            "events_url": "https://api.github.com/users/TenzDelek/events{/privacy}",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"gists_url": "https://api.github.com/users/TenzDelek/gists{/gist_id}",
                            "starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
                            "events_url": "https://api.github.com/users/TenzDelek/events{/privacy}",
                            "received_events_url": "https://api.github.com/users/TenzDelek/received_events",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"starred_url": "https://api.github.com/users/TenzDelek/starred{/owner}{/repo}",
                            "subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
                            "events_url": "https://api.github.com/users/TenzDelek/events{/privacy}",
                            "received_events_url": "https://api.github.com/users/TenzDelek/received_events",
                            "type": "User",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"subscriptions_url": "https://api.github.com/users/TenzDelek/subscriptions",
                            "organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
                            "events_url": "https://api.github.com/users/TenzDelek/events{/privacy}",
                            "received_events_url": "https://api.github.com/users/TenzDelek/received_events",
                            "type": "User",
                            "user_view_type": "public",
Confidence
50% confidence
Finding
https://api.github.com/

External Transmission

Medium
Category
Data Exfiltration
Content
"organizations_url": "https://api.github.com/users/TenzDelek/orgs",
                            "repos_url": "https://api.github.com/users/TenzDelek/repos",
                            "events_url": "https://api.github.com/users/TenzDelek/events{/privacy}",
                            "received_events_url": "https://api.github.com/users/TenzDelek/received_events",
                            "type": "User",
                            "user_view_type": "public",
                            "site_admin": false
Confidence
50% confidence
Finding
https://api.github.com/

VirusTotal

39/39 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.