Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Finishing Branch

v0.1.0

Complete development work by presenting structured options for merge, PR, or cleanup. Use when implementation is complete, all tests pass, and you need to decide how to integrate work. Triggers on finish branch, complete branch, merge branch, create PR, done with feature, implementation complete.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description and included scripts (finish_branch.py, cleanup_branches.py) are coherent: they implement finishing/cleaning branches. However the skill declares no required binaries or env vars while the code and SKILL.md assume git is available and optionally rely on 'gh' (GitHub CLI), language-specific test runners (npm, cargo, pytest, go test, make, tox), and network access for pushing/deleting remote branches. The omission of these runtime dependencies is an inconsistency that could surprise users.
Instruction Scope
SKILL.md instructions and the Python scripts stay within the stated purpose: verifying tests, determining base branch, presenting options, merging/pushing/creating PRs, and cleaning up worktrees/branches. The skill performs destructive git operations (local branch deletion, remote delete via 'git push origin --delete', worktree removal) — this is expected for the stated task but worth noting because these actions can permanently delete commits/branches if misused. The SKILL.md requires typed confirmation for 'discard' and the scripts support dry-run modes.
Install Mechanism
No install spec is provided (instruction-only is lower-risk). README suggests an 'npx add' command with a GitHub tree URL (https://github.com/.../tree/...) which is not a standard package install URL and looks inaccurate/confusing. Installation instructions are purely copy-based. No archives or external installers are pulled by the skill itself.
Credentials
The skill requests no environment variables or credentials, which is appropriate for local git-based workflows. There is no indication of hidden credential access or external endpoint exfiltration in the code or SKILL.md.
Persistence & Privilege
Skill does not request 'always: true' and does not modify other skills or system-wide configuration. It executes transient git operations and prints cleanup commands; persistent privileges are not requested.
What to consider before installing
What to check before installing or running this skill:

- Expect to run this only in repos you trust and can afford to change: the scripts perform branch deletion and remote deletion (git push origin --delete). Always run with --dry-run first.
- Ensure required binaries are present: git is mandatory; GitHub PR creation uses 'gh' (GitHub CLI) if you want the automated PR flow; test runners (npm, cargo, pytest, go, make, tox) are used if detected. The skill metadata does not list these, so verify your environment.
- The README's 'npx add <github tree url>' looks incorrect — don't run untrusted install commands from there. Prefer copying files locally or reviewing code first.
- Review the scripts (finish_branch.py, cleanup_branches.py) manually to confirm behavior, and run them in a safe branch or clone before using on important work.
- Confirm you have the git remote permissions you expect (deleting remote branches requires push/delete rights).
- If you want extra safety, require interactive confirmations or back up references (tags or temp branches) before allowing automatic cleanup.

Confidence notes: I assessed source files and SKILL.md; there are no scan-findings flagged by the pre-scan, but the omission of declared runtime binaries and the odd README install example are the primary reasons for a 'suspicious' verdict. Additional context (author identity, signed releases, or an authoritative install path) would raise confidence toward benign.

