suspicious.exposed_secret_literal
- Location
- reference.md:418
- Finding
- File appears to expose a hardcoded API secret or token.
Advisory
Audited by static analysis on May 10, 2026.
Detected: suspicious.exposed_secret_literal
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could unintentionally stage unrelated local files (with `git add .`, every modified and untracked non-ignored file under the current directory, including local configuration or credential files left in the tree), commit changes the user has not reviewed, and publish them to a remote branch.
The skill instructs the agent to fix CI failures and push commits, using broad `git add .`, without clearly requiring user confirmation or limiting which files may be staged.
PRs the agent created itself: analyze the cause of the failure and apply the fix ... git add . git commit -m "fix: resolve CI failures" git push
Require explicit user approval before modifying files, committing, or pushing; show the diff first; and use path-scoped `git add -- <file>...` limited to the files the fix touched instead of `git add .`.
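A path-scoped, confirmed replacement for the `git add . && git commit && git push` sequence quoted above, written here as an added example; it is not code from the skill or from ClawScan. The script name `ci_fix_commit.sh`, the refusal rules and the secret-looking filename patterns are assumptions for this illustration; it needs only POSIX sh and git.

```shell
#!/bin/sh
# ci_fix_commit.sh (hypothetical name): stage only the named paths, show the
# user exactly what will be committed, and ask before committing or pushing.

# Reject staging arguments that would pull in unreviewed or sensitive files.
# Returns 0 only when every argument is an explicit, relative, non-secret path.
validate_stage_paths() {
    [ "$#" -gt 0 ] || { echo "refusing to stage: no paths given" >&2; return 1; }
    for p in "$@"; do
        case "$p" in
            -*)                  echo "refusing option-like argument: $p" >&2; return 1 ;;
            .|./|'*'|./'*')      echo "refusing wildcard staging: $p" >&2; return 1 ;;
            /*)                  echo "refusing absolute path: $p" >&2; return 1 ;;
            ..|../*|*/..|*/../*) echo "refusing path traversal: $p" >&2; return 1 ;;
        esac
        base=${p##*/}
        # Assumed deny-list of filenames that should never ride along with a CI fix.
        case "$base" in
            .env|.env.*|*.pem|*.key|id_rsa*|*credentials*|*secret*)
                echo "refusing secret-looking file: $p" >&2; return 1 ;;
        esac
    done
    return 0
}

# Interactive yes/no; anything other than an explicit yes is a refusal.
confirm() {
    printf '%s [y/N] ' "$1"
    read -r answer
    case "$answer" in y|Y|yes|YES) return 0 ;; *) return 1 ;; esac
}

ci_fix_commit() {
    validate_stage_paths "$@" || return 1
    git add -- "$@"                          # path-scoped: only the files named by the user
    git --no-pager diff --cached             # the user reviews exactly what will be committed
    git --no-pager diff --cached --stat
    if ! confirm "Commit the staged changes above and push them?"; then
        git reset -q -- "$@"                 # undo the staging; leave the working tree alone
        return 1
    fi
    git commit -m "fix: resolve CI failures"
    git push
}

# Only act when invoked as the script itself, e.g. ./ci_fix_commit.sh src/app.py tests/test_app.py
case "$0" in
    *ci_fix_commit.sh) ci_fix_commit "$@" ;;
esac
```

The validation runs before `git add`, so a request for `.`, `-A` or a `.env` file fails closed; the confirmation prompt reads from the terminal, so an agent cannot pass a flag to skip it.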
The skill may use the user's existing GitHub permissions to inspect PRs, CI logs, and potentially push branches if the workflow reaches that step.
GitHub CLI authentication is expected for PR and CI review, but it gives the skill access through the user's GitHub identity and is not declared in the registry credential metadata.
The `gh` command is required to check a PR's CI/CD status. Installation: ... gh auth login
Use a least-privilege GitHub account or token where possible, and confirm before allowing any write operations.
Users may not realize before installation that the skill expects local developer tooling and GitHub CLI setup.
The skill depends on local Git and GitHub CLI tooling, while the registry metadata says there are no required binaries. This is disclosed in the skill text but not reflected in metadata.
## Dependencies - Git (for inspecting change diffs) - GitHub CLI (`gh`) - for retrieving PR information and CI/CD status
Update metadata to declare Git/GitHub CLI requirements and keep installation/authentication steps explicit and user-driven.
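An added example that serves the two findings above (the skill acting through the user's GitHub identity, and the undeclared Git/GitHub CLI tooling); it is not code from the skill or from ClawScan. It checks the required binaries up front, leaves `gh auth login` to the user, lets read-only `gh` subcommands through, and stops for confirmation on anything that can write. The script name `gh_guarded.sh` and the read-only allow-list are assumptions; the subcommands and `gh api` flags named are real ones.

```shell
#!/bin/sh
# gh_guarded.sh (hypothetical name): guardrails for a skill that drives `gh`
# with the user's GitHub identity.

# Report every missing binary at once; returns 1 if any is absent.
require_tooling() {
    missing=""
    for bin in "$@"; do
        command -v "$bin" >/dev/null 2>&1 || missing="$missing $bin"
    done
    if [ -n "$missing" ]; then
        echo "missing required tools:$missing (install them and run 'gh auth login' yourself)" >&2
        return 1
    fi
    return 0
}

# 0 for gh invocations that only read PR/CI state; 1 for anything else.
# Assumed allow-list: extend it deliberately, never with a write subcommand.
gh_is_read_only() {
    case "$1 $2" in
        "auth status"|"repo view"|"pr view"|"pr list"|"pr status"|"pr diff"|"pr checks"|"run view"|"run list"|"run watch")
            return 0 ;;
    esac
    # `gh api` defaults to GET, but an explicit method, a body field or an input file makes it a write.
    if [ "$1" = api ]; then
        shift
        for arg in "$@"; do
            case "$arg" in
                -X|-X*|--method|--method=*|-f|-F|--raw-field|--raw-field=*|--field|--field=*|--input|--input=*)
                    return 1 ;;
            esac
        done
        return 0
    fi
    return 1
}

confirm() {
    printf '%s [y/N] ' "$1"
    read -r answer
    case "$answer" in y|Y|yes|YES) return 0 ;; *) return 1 ;; esac
}

# Run gh, pausing for the user on every command that could change remote state.
gh_guarded() {
    if gh_is_read_only "$@"; then
        gh "$@"
    else
        echo "about to run: gh $*" >&2
        confirm "This command can write through your GitHub identity. Run it?" || return 1
        gh "$@"
    fi
}

case "$0" in
    *gh_guarded.sh)
        require_tooling git gh || exit 1
        gh auth status || exit 1       # authentication is the user's own step; never scripted here
        gh_guarded "$@" ;;
esac
```

If the token must be supplied non-interactively, `gh auth login --with-token` reads it from stdin, which lets the user hand over a fine-grained token scoped to the repositories and read permissions the review actually needs rather than their full identity.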
If the local guidance file contains outdated, unsafe, or malicious instructions, the skill's review output may be biased or incorrect.
The review behavior is influenced by a persistent local guidance file. That is useful for user preferences, but a modified or poisoned file could affect future reviews.
This skill provides systematic code review based on the following guidelines (`~/.claude/CLAUDE.md`)
Review `~/.claude/CLAUDE.md` periodically and avoid treating persistent local guidance as higher priority than the user's current request or safety rules.
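One way to make the periodic review of `~/.claude/CLAUDE.md` mechanical, as an added example rather than code from the skill or from ClawScan: pin a SHA-256 of the guidance file after the user has read it, refuse to start a review when the file no longer matches the pin, and run a heuristic scan for lines that try to override the user's request or push the agent into unconfirmed writes. The pin location `CLAUDE.md.sha256`, the `GUIDANCE_FILE`/`PIN_FILE` variables, the script name `check_guidance.sh` and the pattern list are all assumptions for this illustration.

```shell
#!/bin/sh
# check_guidance.sh (hypothetical name): notice a changed or poisoned
# persistent guidance file instead of silently obeying it.

GUIDANCE_FILE="${GUIDANCE_FILE:-$HOME/.claude/CLAUDE.md}"
PIN_FILE="${PIN_FILE:-$HOME/.claude/CLAUDE.md.sha256}"   # assumed pin location

# Portable SHA-256 of a file (coreutils, BSD/macOS shasum, or OpenSSL).
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 256 "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 -r "$1" | cut -d' ' -f1
    fi
}

# Record the reviewed state of the guidance file (run after the user has read it).
pin_guidance() {
    file_sha256 "$1" > "$2"
}

# 0 if the file still matches its pin, 1 if it changed, 2 if no pin exists yet.
guidance_unchanged() {
    [ -f "$2" ] || return 2
    [ "$(file_sha256 "$1")" = "$(cat "$2")" ]
}

# Heuristic scan for override or unconfirmed-write instructions. The pattern
# list is constructed for this example; returns 1 and prints the hits if any line matches.
scan_guidance_for_overrides() {
    hits=$(grep -n -i -E \
        'ignore (all |any )?(previous|prior|above) (instructions|rules)|do not (ask|confirm)|without (asking|confirmation)|skip (the )?confirmation|git push|git add \.|curl [^|]*[|] *(ba)?sh' \
        "$1" || true)
    if [ -n "$hits" ]; then
        printf 'suspicious guidance lines in %s:\n%s\n' "$1" "$hits" >&2
        return 1
    fi
    return 0
}

# Gate for the review: unchanged pin first, then the content scan.
check_guidance() {
    if guidance_unchanged "$1" "$2"; then
        scan_guidance_for_overrides "$1"
    else
        case $? in
            1) echo "$1 changed since it was last reviewed; re-read it, then re-pin" >&2 ;;
            *) echo "no pin for $1; review it, then run pin_guidance" >&2 ;;
        esac
        return 1
    fi
}

case "$0" in
    *check_guidance.sh) check_guidance "$GUIDANCE_FILE" "$PIN_FILE" ;;
esac
```

The pin catches any edit, including ones the pattern list would miss; the scan is only a second, lossy net and should be tuned to the phrasing your own guidance files legitimately use. Re-pinning is a user action after reading the diff, not something the skill does for itself.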