v1.0.0

Skill Updater

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:21 AM.

Analysis

The skill coherently automates a user-requested skill release, but it can run a repository release script that publishes a new version, so users should only use it with a trusted repository.

Guidance

This skill appears coherent and purpose-aligned for releasing one skill version. Before installing or using it, make sure you trust the target repository and its scripts/release.sh, and only run it when you are ready for the publishing pipeline to be triggered.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Execute Release Script: It will locate the `scripts/release.sh` script in the repository and execute it with the provided arguments. This triggers the `publish.yml` GitHub Actions workflow

The skill explicitly directs the agent to execute a release script that can trigger publishing. This is expected for the skill's purpose, but it is a high-impact action.

User impact: Running the skill can create or trigger a real release of a skill through the repository's publishing workflow.
Recommendation: Use it only when you intend to publish, and verify the target skill name, version, changelog, and repository before allowing the release command to run.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/update.sh
RELEASE_SCRIPT="$REPO_PATH/scripts/release.sh" ... bash "$RELEASE_SCRIPT" "$SKILL_NAME" "$NEW_VERSION" "$CHANGELOG"

The actual release logic comes from a script inside the user-specified repository, not from the reviewed skill package. That is normal for this workflow, but it means the repository script's provenance matters.

User impact: If the target repository's release script is untrusted or modified unexpectedly, the skill could run code with effects beyond the intended release.
Recommendation: Inspect or trust the repository's scripts/release.sh before using this skill, especially in repositories you did not create or maintain.