Istore Build Passwall
Verdict: Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill is purpose-aligned, but it asks for broad GitHub authority and can overwrite a repository and change GitHub Actions permissions.
Review carefully before installing. Only use this with a disposable or backed-up fork, prefer a fine-grained GitHub token limited to that repository, revoke the token afterward, and inspect the generated GitHub Actions workflow and downloaded package sources before running the resulting router installer.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistake or misunderstanding could overwrite the target GitHub repository and grant workflows broader write capabilities.
The skill instructs the agent to force-push to the user's repository, explicitly overwriting existing content, and to change repository Actions permissions. These are high-impact actions and the artifact does not show a safer branch/PR path, backup, rollback, or explicit second confirmation.
Commit and force-push to the user's repository (overwriting existing content) ... git push -u origin main --force ... Set Workflow permissions
Use a dedicated test fork first, avoid force-push by default, create a branch/PR instead, back up the repository, and require explicit user confirmation before changing repository permissions.
The token may allow access to more repositories than this one task needs, and mishandling it could expose account-level repository access.
The skill asks for a classic GitHub token with broad repo permission and embeds it in a Git remote URL, which can leave the token in local Git configuration or logs unless carefully cleaned up.
Personal Access Token (the `repo` permission must be enabled) ... git remote set-url origin https://<TOKEN>@github.com/<USER>/istoreos.git
Use a fine-grained token limited to the target fork with only the required permissions, avoid putting tokens directly in remote URLs, remove any stored credentials after use, and revoke the token when finished.
The resulting router installer may include whatever packages those remote sources provide at build time, so an upstream compromise or changed release could affect the generated artifact.
The generated workflow downloads latest release assets and SourceForge packages into the build without visible hash, signature, or pinned artifact verification in the provided content.
PW2_LATEST=$(curl_gh "https://api.github.com/repos/Openwrt-Passwall/openwrt-passwall2/releases/latest" ...); SF_BASE="https://sourceforge.net/projects/openwrt-passwall-build/files/releases/packages-22.03"; curl -fL "$url" -o "$dest"
Pin exact versions, verify checksums or signatures, document all third-party package sources, and review the workflow before running the generated installer on a router.
