Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pub Github

v1.0.0

Interact with GitHub using the gh CLI for issues, PRs, CI runs, and advanced queries. And also 50+ models for image generation, video generation, text-to-spe...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious (View report →)
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill is named/described as a GitHub/gh CLI helper, yet SKILL.md contains no gh/GitHub commands or GitHub API usage. Instead it documents calling the SkillBoss API (api.heybossai.com) for many model types. This is a clear mismatch between advertised purpose and actual behavior.
Instruction Scope
The SKILL.md instructs the agent to use curl to call https://api.heybossai.com endpoints with the SKILLBOSS_API_KEY, save results to files, and reference run.mjs examples. It does not instruct reading unrelated system files or other env vars, but it does perform outbound network calls to a third‑party API (expected for an API integration). Crucially, the instructions do not include any GitHub/gh interactions despite the skill's name/description.
Install Mechanism
This is an instruction-only skill with no install spec and no code files executing on install — lowest-risk install model. There is no download or extracted code to review.
Credentials
The only required environment variable is SKILLBOSS_API_KEY, which matches the documented API calls to api.heybossai.com. The requested secret is proportional to the documented functionality, but it is unrelated to the advertised GitHub capability.
Persistence & Privilege
The always flag is false and the skill is instruction-only; it does not request persistent or system-wide privileges. Autonomous invocation is allowed by default, but here it is not combined with any additional concerning privileges.
What to consider before installing
This skill is suspicious because its name/description promise GitHub/gh CLI features but the runtime instructions only call a third-party AI API (api.heybossai.com) using SKILLBOSS_API_KEY. Before installing:

(1) Do not provide your SKILLBOSS_API_KEY unless you trust heybossai.com and understand what data will be sent there.
(2) If you expected GitHub functionality (gh CLI, repo/issue/PR operations), ask the author for clarification or a corrected SKILL.md; this skill as provided will not perform GitHub actions.
(3) Verify the skill's source and homepage; there is no publisher URL and the owner ID is unknown.
(4) Be aware the skill issues curl commands (network-capable via Bash) which can transmit data to external endpoints; only install if you intend that behavior.

If you want a GitHub helper, prefer a skill whose instructions explicitly use gh or the GitHub API and whose origin you can verify.
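The mismatch check above (advertised GitHub/gh functionality versus what SKILL.md actually tells the agent to run) can be done mechanically before installing any instruction-only skill. The script below is an added example, not code from the skill, its author, or ClawHub: it extracts the hosts contacted, the environment variables referenced, and whether any gh subcommand appears, then reports where a secret is placed on a command that contacts a third-party host. The sample SKILL.md it audits is constructed to mirror what the scan describes; the hostname api.heybossai.com and the variable SKILLBOSS_API_KEY come from this page, while the endpoint path and the Authorization header are placeholders, since the page does not show the real request.

```python
import re
from dataclasses import dataclass

# Constructed sample of a SKILL.md shaped like the one described in the scan:
# curl calls to api.heybossai.com authenticated with SKILLBOSS_API_KEY and no
# gh or GitHub API usage. "<endpoint>" and the Bearer header are placeholders,
# not taken from the real skill.
SAMPLE_DESCRIPTION = (
    "Interact with GitHub using the gh CLI for issues, PRs, CI runs, "
    "and advanced queries. And also 50+ models for image generation."
)
SAMPLE_SKILL_MD = """# Pub Github

Set SKILLBOSS_API_KEY in the environment before use.

Generate an image and save the result to a file:

    curl -s https://api.heybossai.com/<endpoint> \\
      -H "Authorization: Bearer $SKILLBOSS_API_KEY" \\
      -d '{"prompt": "a lobster"}' > result.json

See run.mjs for more examples.
"""

URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")
ENV_RE = re.compile(r"\$\{?([A-Z][A-Z0-9_]{2,})\}?")
# gh followed by a real subcommand; "gh" inside prose or a title does not count.
GH_CMD_RE = re.compile(r"(?:^|[\s`|;&(])gh\s+(?:issue|pr|run|api|repo|auth|workflow|release)\b", re.M)
GITHUB_HOSTS = frozenset({"github.com", "api.github.com"})
NET_TOOLS = ("curl ", "wget ", "fetch(", "requests.", "http.")


@dataclass(frozen=True)
class SkillAudit:
    hosts: frozenset          # every host named in a URL
    env_vars: frozenset       # every $VAR reference
    uses_gh: bool             # any gh <subcommand> present
    secret_flows: tuple       # (env_var, host) pairs on one network command
    findings: tuple           # human-readable concerns, empty if none


def _network_commands(skill_md):
    # Re-join backslash-continued shell lines so a secret and its destination
    # host are compared on a single logical command.
    joined, buf = [], ""
    for line in skill_md.splitlines():
        s = line.rstrip()
        if s.endswith("\\"):
            buf += s[:-1] + " "
            continue
        joined.append(buf + s)
        buf = ""
    if buf:
        joined.append(buf)
    return [l.strip() for l in joined if any(t in l for t in NET_TOOLS)]


def audit_skill(description, skill_md):
    hosts = frozenset(URL_RE.findall(skill_md))
    env_vars = frozenset(ENV_RE.findall(skill_md))
    uses_gh = GH_CMD_RE.search(skill_md) is not None

    flows = set()
    for cmd in _network_commands(skill_md):
        for var in ENV_RE.findall(cmd):
            for host in URL_RE.findall(cmd):
                flows.add((var, host))

    findings = []
    claims_github = re.search(r"\bgithub\b|\bgh\b", description, re.I) is not None
    if claims_github and not uses_gh and not (hosts & GITHUB_HOSTS):
        findings.append("description promises GitHub/gh functionality but "
                        "SKILL.md contains no gh commands or GitHub API calls")
    for host in sorted(hosts - GITHUB_HOSTS):
        findings.append(f"outbound network call to third-party host {host}")
    for var, host in sorted(flows):
        findings.append(f"secret {var} is placed on a command that contacts {host}")

    return SkillAudit(hosts, env_vars, uses_gh, tuple(sorted(flows)), tuple(findings))


if __name__ == "__main__":
    for f in audit_skill(SAMPLE_DESCRIPTION, SAMPLE_SKILL_MD).findings:
        print("-", f)
```

Run against the constructed sample it reports the three points the scan raises: the GitHub claim with no gh usage, the outbound call to api.heybossai.com, and SKILLBOSS_API_KEY travelling to that host. A skill whose SKILL.md genuinely drives gh (for example a line containing `gh pr list`) and names no third-party host produces no findings, which is the shape you want before handing over any API key.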


Latest version: vk977m5q57qc8905vvrp29hwc6182rqjn


Runtime requirements

Env: SKILLBOSS_API_KEY
Primary env: SKILLBOSS_API_KEY
