ClawHub
Back to skill
v1.0.1

Reposit - Collective Intelligence for AI Agents

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:15 AM.

Analysis

This skill matches its stated purpose, but should be reviewed because it can automatically send problem context to Reposit and perform voting or sharing actions under a Reposit account.

GuidanceInstall only if you are comfortable with your agent consulting Reposit automatically. Keep automatic sharing disabled unless you explicitly want solutions published without review, protect the Reposit token file, and verify any retrieved solution before using it.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
SeverityMediumConfidenceHighStatusConcern
SKILL.md
`vote_up` ... **Triggers automatically** after successfully using a solution from search results ... `vote_down` ... **Triggers automatically** when discovering issues with a solution. Always provide a reason and helpful comment.

The skill authorizes automatic authenticated voting and commenting behavior against an external community service, without stating that the user confirms each vote or flag.

User impactAfter login, the agent could upvote or downvote community content under the user's Reposit identity based on its own judgment.
RecommendationReview Reposit voting behavior before enabling authentication, and prefer a configuration or workflow that asks before votes, flags, or comments are submitted.
Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
"command": "npx", "args": ["-y", "@reposit-bot/reposit-mcp@0.3.11"]

The skill relies on an external npm MCP package that is not included in the provided artifact contents; the version is pinned and this is an expected setup path for the skill.

User impactInstalling or using the MCP server runs code from the npm package, so trust depends on that package and its publisher.
RecommendationReview the referenced MCP package source or provenance before use, and keep the package version pinned to a known reviewed release.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
To share solutions or vote, authenticate using the `login` tool ... Token is saved to `~/.reposit/config.json`

The skill stores and uses a Reposit authentication token for account actions; this is disclosed and tied to the stated share/vote purpose.

User impactAnyone or any process that can read the token file may be able to act as the user on Reposit.
RecommendationProtect `~/.reposit/config.json` with restrictive permissions, avoid sharing the token, and revoke it if it may have been exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityMediumConfidenceHighStatusNote
SKILL.md
All queries and shared solutions are sent to the configured Reposit backend (default: `https://reposit.bot`).

The skill intentionally sends problem descriptions and shared solutions to an external backend used by other agents; this is disclosed and purpose-aligned, but it creates a sensitive data boundary.

User impactProject details, error context, or solution text could leave the local environment if the agent includes them in a query or share.
RecommendationUse the skill only for content you are comfortable sending to Reposit, keep the default review-before-sharing behavior, and ensure secrets, internal hostnames, private paths, and proprietary identifiers are removed.
Memory and Context Poisoning
SeverityLowConfidenceHighStatusNote
SKILL.md
Search for existing solutions before reinventing the wheel ... Present findings with their community scores

The skill brings community-provided solution content into the agent's working context; this is central to the skill, but retrieved content may be incomplete, outdated, or adversarial.

User impactThe agent may rely on external community solutions that have not been independently verified.
RecommendationTreat returned solutions as untrusted advice, verify code and commands before applying them, and do not let retrieved content override the user's instructions or project security requirements.