Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GitHub Track

v1.0.0

Tracks activity for a specified GitHub repository, including star count and changes to issues and PRs. Usage scenarios: "track the xxx repository", "monitor the stars of project xxx", "see what new issues xxx has", "check what recent PRs the xxx repository has", "github-track xxx/repo"

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description (tracking GitHub repos: stars, issues, PRs) align with the included scripts (track.py + daily-report.sh) which call the GitHub API and store per-repo data in ~/.openclaw/workspace/memory.
Instruction Scope
SKILL.md and README provide concrete curl/python usage limited to GitHub API and local JSON files. However SKILL.md/README instruct storing GITHUB_TOKEN in TOOLS.md and the code reads that file; the skill also optionally sends reports to Slack. Instructions reference creating cron/systemd jobs (persistence guidance) and a systemd service that is not present in the package (inconsistent).
Install Mechanism
This is labeled instruction-only with no install spec, yet included Python scripts require external packages (requests, slack_sdk) with no install instructions. That mismatch can cause runtime surprises and indicates the package is incompletely specified.
Credentials
Registry metadata lists no required environment variables, but the code expects GITHUB_TOKEN (from env or TOOLS.md) and daily-report.sh will use OPENCLAW_SLACK_TOKEN if present. These credentials are appropriate for the described capabilities, but their omission from declared requirements is an incoherence and a user could inadvertently expose tokens by following README instructions.
Persistence & Privilege
The skill stores config/data under ~/.openclaw/workspace/memory and suggests cron/systemd timers to run periodically. It does not request 'always: true' and does not modify other skills' configs. The suggestion to install systemd units (which are referenced in README but not included) is concerning only as incomplete documentation rather than malicious privilege escalation.
What to consider before installing
This skill appears to do what it says (track GitHub repos) but has sloppy packaging and some undeclared requirements. Before installing or running it:
1) Inspect the scripts (you already have them) and confirm you are comfortable with files being written to ~/.openclaw/workspace/memory.
2) Do not store unrelated secrets in ~/.openclaw/workspace/TOOLS.md; the script reads that file for GITHUB_TOKEN.
3) If you want Slack notifications, the script will post to a hard-coded channel id using OPENCLAW_SLACK_TOKEN — only set that env var if you understand which Slack workspace/channel the token has access to.
4) Install the required Python packages (requests, slack_sdk) in an isolated environment before running.
5) Note the missing/incorrect metadata: the registry should declare GITHUB_TOKEN and optionally OPENCLAW_SLACK_TOKEN; the README references systemd files that are not present.
If you need higher assurance, run the scripts in a restricted environment (container or VM) and/or ask the publisher for corrected metadata and the missing service files.
