Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
God Mode Skill
v1.0.0
God's eye view of your dev repos. Multi-project tracking across GitHub/Azure DevOps. AI learns from your commits to upgrade your agents.md.
⭐ 0 · 393 · 2 current · 2 all-time
by wetzja04@gmail.com (@wetzja04-dot)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
Name/description (multi-project oversight + agent coaching) align with the included scripts and commands (sync, status, agents analyze). Required binaries (gh, sqlite3, jq) are appropriate. Minor inconsistency: docs and code reference optional provider CLIs and environment variables (az, glab, ANTHROPIC_API_KEY, OPENAI_API_KEY, GITHUB_TOKEN, AZURE_DEVOPS_PAT) but the skill metadata declares no required env vars and only lists gh/sqlite3/jq — this is plausible (they're optional), but the metadata doesn't fully enumerate optional fallbacks.
Instruction Scope
The runtime instructions explicitly fetch repository data and send the complete AGENTS.md content plus commit samples and pattern summaries to an LLM for analysis. That behavior is coherent with the stated feature, but it means potentially sensitive repository content (agents.md, commit messages, code snippets) will be exposed to whatever LLM is invoked (OpenClaw agent or external API). SKILL.md also instructs the skill to run the bundled 'god' commands and may optionally apply recommended changes to AGENTS.md (implying repo write actions). The instructions refer to environment variables for external LLMs but those env vars are not declared in the skill metadata.
Install Mechanism
There is no formal install spec in registry metadata (instruction-only), but the repository includes an install.sh and PUBLISH.md that suggest installing via GitHub (raw.githubusercontent.com/curl). That's a common pattern; the install URL points to GitHub, a well-known host, and there are no obscure download endpoints. Because files are present, installing will write scripts and db files under the user's home directory (~/.god-mode, ~/.config/god-mode).
Credentials
Declared required env vars: none. In practice the skill supports and documents multiple optional credentials (ANTHROPIC_API_KEY, OPENAI_API_KEY, OPENROUTER_API_KEY, fallback GITHUB_TOKEN / AZURE_DEVOPS_PAT / GITLAB_TOKEN) and relies on the user's local gh authentication. The skill's docs claim 'we never store tokens' and 'no telemetry', but code writes local DB/cache and may use gh auth (which implies existing tokens stored by gh). The presence of multiple optional credential paths is reasonable for LLM fallbacks, but you should be cautious: providing external API keys or a gh token with write scopes would allow networked LLM calls and repository writes/PRs.
Persistence & Privilege
The skill does not request always:true and is user-invocable (default autonomous invocation allowed). It stores data locally under ~/.god-mode and ~/.config/god-mode and initializes a SQLite database — that's proportionate to its function. The skill may, if you choose, apply changes to AGENTS.md which would require the user's gh/auth permissions; this is expected but worth reviewing before granting write-capable credentials.
What to consider before installing
This skill appears to do what it says: it uses the GitHub CLI and a local SQLite cache to summarize activity and feed your AGENTS.md + commit samples to an LLM for recommendations. Things to consider before installing or running it:
- Sensitive data exposure: The agents analysis sends full AGENTS.md content and commit samples to an LLM (either OpenClaw or an external API). Audit those files for secrets/private data first. If you must keep data private, prefer running only in OpenClaw mode (where analysis is handled locally by your agent) or avoid supplying external API keys.
- Credentials & scopes: The tool relies on your existing gh CLI auth. If you allow it to apply recommendations (push/PR), ensure your gh token has appropriate (least-privilege) scopes or use a read-only token for analysis-only runs.
- Optional env vars: The SKILL.md mentions external LLM API keys (Anthropic/OpenAI/OpenRouter) and fallback tokens (GITHUB_TOKEN, AZURE_DEVOPS_PAT). These are optional but not listed in metadata — only provide them if you understand the network calls that will be made.
- Local writes: The skill creates ~/.god-mode/ and ~/.config/god-mode/ and a local SQLite DB — inspect install.sh and scripts/god before running. Installing via the repo's install.sh (GitHub raw URL) is common but audit the script if you are cautious.
- Audit before granting write actions: If you accept prompts to 'apply' recommendations, review the generated changes and any resulting git operations before allowing them to run.
If you want to proceed safely: clone the repo locally, review install.sh and scripts/god, run in a sandbox account or with read-only gh credentials, and avoid supplying external LLM API keys unless you trust the environment and have inspected the LLM-calling code (scripts/lib/llm.sh).
Like a lobster shell, security has layers — review code before you run it.
latest: vk978ekzg0k8gjf4akye3n2t7qx81xhhe
Runtime requirements
Bins: gh, sqlite3, jq
