Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GitHub Project Analysis Assistant (GitHub项目分析助手)

v1.0.0

Deep-dive analysis of GitHub projects. Use when the user mentions a GitHub repo/project name and wants to understand it — triggered by phrases like "help me take a look at this project...

by flyingants@tom859174-sketch
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability (flagged)
The skill claims to deep-dive GitHub projects, which reasonably requires GitHub API access and multi-source scraping. However, SKILL.md explicitly instructs use of a Personal Access Token (PAT) for GitHub API calls and to run external tools (search-layer, content-extract), yet the skill metadata lists no required environment variables, no primary credential, and no install spec. The missing declaration of the PAT and the loose dependency requirements are disproportionate to the provided registry metadata.
Instruction Scope (flagged)
Runtime instructions tell the agent to: run curl commands including Authorization: token {PAT}; execute python scripts from search-layer and content-extract; prefer GitHub API over web_fetch; and escalate to MinerU for content extraction. The SKILL.md references a TOOLS.md for the PAT but no such file is included. These instructions therefore require access to secrets (PAT) and call external services/scripts not declared in metadata — the agent would need to read/provide a token and may transmit requests to third-party endpoints.
Install Mechanism
This skill is instruction-only (no install spec), which reduces direct install risk. However, the README recommends installing or linking third-party repos (blessonism/openclaw-search-skills and its search-layer/content-extract/mineru-extract). Those are external codebases; installing them would execute arbitrary code on the host. Because the registry has no install spec, the skill relies on user action to add those dependencies — verify those repos before installing.
Credentials (flagged)
SKILL.md requires a GitHub PAT for API calls (curl examples use Authorization header), but the registry declares no required env vars or primary credential. content-extract/mineru may also require external API keys (not declared). Asking for a PAT is proportionate to the purpose only if the token requirement and scope (read-only, public repo) are declared; currently they are not, which is a significant omission and a potential exfiltration risk.
Persistence & Privilege
The skill does not request always:true, does not include code files, and does not modify other skills' configs. It appears not to request permanent elevated presence. Autonomous invocation is allowed (platform default) but does not by itself increase concern here.
What to consider before installing
Before installing or using this skill:
1) Ask the author to update the skill metadata to declare the required credential (e.g., GITHUB_TOKEN or GITHUB_PAT) and to document the exact env var name and required token scope.
2) Do not provide a full-privilege personal token; if you must supply a token, create an ephemeral or least-privilege token limited to read-only access to public repos.
3) Review the external repos (blessonism/openclaw-search-skills, search-layer, content-extract, mineru-extract) before installing — these will run code and may contact third-party services (MinerU).
4) Confirm what TOOLS.md is supposed to contain (SKILL.md references it but none is included).
5) If you cannot review those repos, run the skill in an isolated environment or decline to install.
6) Consider requesting the author to: a) remove hardcoded token examples and b) add explicit declarations of required env vars, third-party endpoints, and data handling (where scraped data and logs are sent).
These steps reduce the risk of accidental token exposure or unreviewed code execution.


Tags: code-analysis, github, latest, open-source, openclaw-skill
