GitHub Track
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill's behavior largely matches its stated purpose, tracking GitHub repositories, but it asks for broad GitHub credentials and ships an under-documented daily report script that can post reports to a hard-coded Slack channel.
Before installing, decide whether you really need a GitHub token; if so, use a fine-grained read-only token with minimal repository access. Inspect or disable the Slack section in scripts/daily-report.sh, do not schedule cron/systemd until output destinations are configured, and review the full source/dependencies because the package provenance and install metadata are incomplete.
Static analysis
Static analysis findings are pending for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may provide a GitHub token with more access than the skill needs, increasing the impact if the local workspace or token is mishandled.
The skill asks users to store a GitHub personal access token and recommends the broad `repo` permission, which can grant access to private repositories and is broader than needed for basic public repository tracking. The registry metadata does not declare a primary credential or required environment variable.
The token is stored in TOOLS.md; do not commit it to a public repository ... - GITHUB_TOKEN: your GitHub Personal Access Token ... Get a token: https://github.com/settings/tokens (requires the `repo` permission)
Use the least-privileged GitHub token possible, preferably no token for public repositories or a fine-grained read-only token limited to specific repositories.
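A preflight check a user can run before storing a token in TOOLS.md, as an added example that is not part of the reviewed skill. It inspects the X-OAuth-Scopes header GitHub returns for classic personal access tokens and rejects tokens carrying broad scopes such as `repo` when only public repositories are tracked; fine-grained tokens do not return that header (an assumption of this example), so they are flagged for manual review rather than assumed safe. The BROAD_SCOPES list, the sample headers and the verdict names are this example's own choices.

```python
"""Preflight check on a GitHub token before storing it for a tracking skill.

Added example, not part of the reviewed skill. Classic tokens report their
scopes in the X-OAuth-Scopes response header of https://api.github.com/user;
this checks that header for scopes broader than read-only tracking needs.
"""
import urllib.request

# Scopes that are broader than read-only tracking of public repositories
# needs. This list is an assumption chosen for the example.
BROAD_SCOPES = {"repo", "admin:org", "admin:repo_hook", "delete_repo",
                "workflow", "write:packages"}


def parse_scopes(headers):
    """Return the set of classic-token scopes from a response header mapping.

    The header name is matched case-insensitively. A missing or empty header
    yields an empty set (a fine-grained token, or a classic token with no
    scopes at all).
    """
    for name, value in headers.items():
        if name.lower() == "x-oauth-scopes":
            return {s.strip() for s in value.split(",") if s.strip()}
    return set()


def assess_token(headers, tracked_repos_private=False):
    """Classify a token from the headers of its /user response.

    Returns (verdict, detail); verdict is one of:
      "reject" - classic token with a broad scope the tracker cannot justify
      "accept" - classic token limited to narrow scopes (e.g. public_repo)
      "review" - scopes cannot be read from headers (fine-grained or unscoped
                 token), or `repo` is present for private tracking: confirm
                 the repository list by hand, a fine-grained token limited to
                 the tracked repositories is still preferable.
    """
    scopes = parse_scopes(headers)
    if not scopes:
        return "review", "no X-OAuth-Scopes header: fine-grained or unscoped token"
    broad = sorted(scopes & BROAD_SCOPES)
    if tracked_repos_private and broad == ["repo"]:
        return "review", "repo scope covers every private repo the user can reach"
    if broad:
        return "reject", "broad scopes present: " + ", ".join(broad)
    return "accept", "scopes: " + ", ".join(sorted(scopes))


def fetch_user_headers(token):
    """Live check against GitHub; needs network access and a real token.

    Not exercised offline. Returns the response headers of GET /user so they
    can be passed to assess_token().
    """
    req = urllib.request.Request(
        "https://api.github.com/user",
        headers={"Authorization": "Bearer " + token,
                 "Accept": "application/vnd.github+json"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return dict(resp.headers.items())


if __name__ == "__main__":
    # Constructed sample headers standing in for three token kinds.
    samples = {
        "classic, repo scope": {"X-OAuth-Scopes": "repo, read:org"},
        "classic, public_repo only": {"x-oauth-scopes": "public_repo"},
        "fine-grained (no scope header)": {"X-GitHub-Request-Id": "constructed"},
    }
    for label, hdrs in samples.items():
        print(label, "->", assess_token(hdrs))
```

Run the live check as `assess_token(fetch_user_headers(token))` before writing the token into TOOLS.md; anything but "accept" means the token should be replaced or its repository access confirmed manually.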
Repository names, issue titles, PR titles, and possibly private-repository tracking summaries could be posted to an unintended Slack channel if the script is run with a Slack token.
The daily report script sends the generated report to Slack when an environment token exists, using a hard-coded channel ID. This Slack integration is not declared in the metadata and is not clearly documented in SKILL.md configuration.
if os.environ.get('OPENCLAW_SLACK_TOKEN'):
    from slack_sdk import WebClient
    client = WebClient(token=os.environ['OPENCLAW_SLACK_TOKEN'])
    client.chat_postMessage(channel='C0AHZG3GT3M', text=content)
Do not run or schedule daily-report.sh until you have reviewed or removed the Slack block, and require an explicit, user-configurable Slack channel before posting.
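The hardened form of the Slack block described in this finding, as an added example rather than code from the skill: the report is delivered only when the user has explicitly configured both the token and the destination channel, there is no default channel to fall back to, and the caller learns whether anything was posted. The channel variable name GITHUB_TRACK_SLACK_CHANNEL, the channel-ID pattern and the RecordingClient stand-in are assumptions of this example; slack_sdk is imported only on the real posting path.

```python
"""Hardened Slack delivery for a daily report (added example, not the skill's
own code). Posts only to an explicitly configured channel and reports back
whether a post happened, so the caller can fall back to local output.
"""
import os
import re

TOKEN_ENV = "OPENCLAW_SLACK_TOKEN"
# Assumed setting for this example; the reviewed skill declares no such
# variable and hard-codes the channel instead.
CHANNEL_ENV = "GITHUB_TRACK_SLACK_CHANNEL"

# Slack conversation IDs look like C0123456789 (channels) or G... (private
# groups); rejecting anything else stops a channel *name* or a stray value
# from being passed straight to the API.
_CHANNEL_ID = re.compile(r"^[CG][A-Z0-9]{8,}$")


def resolve_slack_target(env):
    """Return (token, channel) only when both are set and the channel is a
    well-formed conversation ID; otherwise None. A token alone never
    authorises posting anywhere."""
    token = env.get(TOKEN_ENV)
    channel = env.get(CHANNEL_ENV)
    if not token or not channel or not _CHANNEL_ID.match(channel):
        return None
    return token, channel


def deliver_report(content, env=None, client_factory=None):
    """Send `content` to Slack if, and only if, a target is explicitly set.

    Returns a dict with ``posted`` and either ``channel`` or ``reason``.
    ``client_factory`` lets a stand-in client be injected for offline use;
    by default the real slack_sdk.WebClient is used.
    """
    env = os.environ if env is None else env
    target = resolve_slack_target(env)
    if target is None:
        return {"posted": False, "reason": "no explicit Slack target configured"}
    token, channel = target
    if client_factory is None:
        from slack_sdk import WebClient  # imported only on the real posting path
        client_factory = WebClient
    client = client_factory(token=token)
    client.chat_postMessage(channel=channel, text=content)
    return {"posted": True, "channel": channel}


class RecordingClient:
    """Stand-in for slack_sdk.WebClient so the logic runs without network or
    credentials; records every message it is asked to post."""
    sent = []

    def __init__(self, token):
        self.token = token

    def chat_postMessage(self, channel, text):
        RecordingClient.sent.append((channel, text))
        return {"ok": True}


if __name__ == "__main__":
    # Constructed environments: token only (must not post), token plus a
    # channel name (must not post), token plus a channel ID (posts).
    report = "github-track daily report (constructed sample)"
    for env in ({TOKEN_ENV: "xoxb-example"},
                {TOKEN_ENV: "xoxb-example", CHANNEL_ENV: "general"},
                {TOKEN_ENV: "xoxb-example", CHANNEL_ENV: "C0123456789"}):
        print(deliver_report(report, env=env, client_factory=RecordingClient))
```

In daily-report.sh the same rule applies at the shell level: exit before the Slack step unless the channel variable is set, and print the report to stdout or a local file instead, so a scheduled run never silently routes repository data to a destination the user did not choose.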
If scheduled, the skill can continue refreshing and reporting repository data after the initial setup.
The README documents optional recurring execution through cron or systemd. This is purpose-aligned for tracking, but it creates ongoing background behavior if the user enables it.
Add a cron job (runs daily at 10:00) ... 0 10 * * * /path/to/github-track/scripts/daily-report.sh ... systemctl enable github-track.timer
Only enable cron or systemd scheduling if you want recurring reports, and review the script output destinations first.
Tracked repository metadata remains on disk and may be included in future reports or agent context.
The skill persists repository configuration and fetched issue/PR data in the OpenClaw workspace memory area. This is expected for tracking, but it means external GitHub content and possibly private-repo metadata can be reused later.
Tracking configuration is stored in `~/.openclaw/workspace/memory/github-track-config.json` ... Tracking data is stored in `~/.openclaw/workspace/memory/github-track-data.json`
Track only repositories whose metadata you are comfortable storing locally, and clear the memory files when you no longer need them.
Users have less provenance and dependency information than expected before running the included scripts.
The package declares no source, homepage, or install spec, yet it ships runnable scripts whose dependencies (for example slack_sdk) are not declared in any requirements file. The provided track.py artifact is also truncated in the review data, so it could not be reviewed in full.
Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill ... 2 code file(s): scripts/daily-report.sh, scripts/track.py
Review the full source and dependencies before running the scripts, and prefer installing from a trusted repository with pinned dependencies.
