Github Readme Maker

AdvisoryAudited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence

ASI07: Insecure Inter-Agent Communication

What this means

If you publish the generated README, visitors' browsers or GitHub's rendering pipeline may load images from external badge and stats providers.

Why it was flagged

The script emits README markdown that references third-party badge/stat image services using the supplied username or text. This is purpose-aligned for profile README generation, but those services may receive page-load requests when the README is viewed.

Skill content

![Stats](https://github-readme-stats.vercel.app/api?username=$user&show_icons=true&theme=tokyonight)

Recommendation

Review the generated markdown before publishing and remove any external image links you do not want to rely on.