研发经理助手 (R&D Manager Assistant)

Pass

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a local project-reporting toolkit that reads Git/project information and writes reports, with no evidence of hidden uploads, credential use, or destructive behavior.

This skill is reasonable to use if you are comfortable running local scripts against your repositories. Before installing, review the simple helper scripts, configure only the intended repo paths, avoid running Git stats on dirty working trees, and treat generated reports as potentially sensitive internal documents.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the Git report may change the checked-out branch in the selected repository and expose commit metadata in generated output.

Why it was flagged

The Git statistics helper operates inside a user-supplied repository and switches to the selected branch before collecting stats. This is aligned with Git reporting, but branch checkout can change the local working tree state.

Skill content

cd "$REPO_PATH"
...
git checkout $BRANCH > /dev/null 2>&1

Recommendation

Run it only on the intended repository, avoid repositories with uncommitted work, and consider reviewing or modifying the script to gather stats without changing branches.

What this means

Users have less external provenance to verify who maintains the skill or where updates come from.

Why it was flagged

The repository URL is a placeholder, and the registry metadata lists an unknown source/homepage. The included code is simple and self-contained, but provenance is not strongly established.

Skill content

"repository": {
  "type": "git",
  "url": "https://github.com/your-username/研发经理助手"
}

Recommendation

Review the included files before use and prefer installing updates only from a verified publisher or repository.

What this means

Generated reports may persist locally and could contain internal project or team information.

Why it was flagged

The skill is configured to create and retain local report files. These reports may contain project status, team member information, and Git activity summaries.

Skill content

reports:
  output_dir: "./reports"
  format: "markdown"
  archive_enabled: true
  archive_days: 30

Recommendation

Store reports in an appropriate location, check generated content before sharing, and adjust retention/archive settings if the reports contain sensitive information.