Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
argus
v1.0.0Incremental backend API + frontend browser testing with persistent memory. Monitors every commit, enriches insufficient messages, and runs targeted tests sco...
⭐ 0· 41·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's name and description (incremental backend/frontend testing, commit monitoring, generating tests) align with the actions described in SKILL.md: scanning routes, mining fix commits, generating tests, and installing a git hook. However, SKILL.md references invoking an external assistant ('claude -p "argus post-commit"') and includes generation of test fixtures that read env vars (TEST_BASE_URL, TEST_AUTH_TOKEN) even though requires.env lists none — minor mismatches to be aware of.
Instruction Scope
The instructions direct the agent to read large parts of the repository (routes, tests, git history, optional BUGFIX files), write and install a .git/hooks/post-commit hook, and—critically—describe enriching commit messages and (in places) amending commits. The SKILL.md also contains language indicating inclusion of 'Full source of all included files' for review. Reading/writing repository files and installing hooks is coherent for testing, but amending commits and the explicit suggestion to surface full source contents are high-impact actions and broaden scope beyond simple test generation. The hook is intended to run on every commit and could be used to trigger external analysis if an external tool (claude CLI) is present.
Install Mechanism
This is an instruction-only skill with no install specification and no code files to execute. That lowers supply-chain risk: nothing will be automatically downloaded or installed by the platform beyond writing files in the repository per its instructions.
Credentials
The registry metadata declares no required environment variables or credentials, but SKILL.md-generated test fixtures reference TEST_BASE_URL and TEST_AUTH_TOKEN. The skill also logs commit messages and changed-file lists to .argus/commit-log.txt. There is a partial, implicit dependency on an external CLI ('claude') if present. While no explicit credentials are requested, the skill's behavior (reading and potentially exporting full source and commit data) could expose secrets if later sent to an external service — the absence of declared env var requirements is inconsistent with the generated test code and the external-invocation hints.
Persistence & Privilege
The skill does not request platform-level 'always' presence, but it does create persistent artifacts inside the repository (.argus/, .git/hooks/post-commit) and installs a post-commit hook that runs automatically on every commit. That persistence is plausible for a commit-monitoring testing tool, but because the hook is triggered on each commit and SKILL.md contemplates invoking an external assistant, this persistence increases the blast radius if the hook is configured or modified to call external services.
What to consider before installing
Before installing or running this skill: 1) Review every file the skill will write (especially .argus/commit-hook.sh and catalog.md) and do not install the hook until you are comfortable with its commands. 2) Confirm whether you want a post-commit hook that may amend commits — amending history can be surprising; prefer manual enrichment or require a pre-push/manual review. 3) Check if a 'claude' (or other assistant) CLI is present or configured on your machine; the SKILL.md references invoking such a tool, which could cause repository contents to be sent to an external service. 4) Inspect generated tests (conftest.py) for references to TEST_AUTH_TOKEN or other secrets and do not set those env vars unless necessary and safe. 5) Test Argus in a disposable clone/branch first (or on a repo without sensitive data). 6) Back up your repository and ensure your CI/push workflow is not automatically exposing .argus artifacts. 7) If you want to proceed, consider editing the hook to require manual confirmation before sending data externally, or remove the auto-amend behavior. If you want, I can highlight the exact lines in the SKILL.md that perform the risky actions and propose a safer hook implementation.Like a lobster shell, security has layers — review code before you run it.
latestvk975yz1dxncm1q6ahaeb7weay183wbn4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.