This is my test3
Pass
Audited by ClawScan on May 1, 2026.
Overview
This is a simple GitHub CLI instruction skill. The main thing to notice is that it can use your existing GitHub CLI access and the broad `gh api` command.
Before installing, make sure you are comfortable with the agent using your local GitHub CLI context. Keep commands repository-scoped, review any `gh api` or mutating command before execution, and use least-privilege GitHub credentials.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could use a flexible GitHub API command, which may access more than simple issue or PR listings if directed.
`gh api` is a broad GitHub API interface. The examples shown are read-only and purpose-aligned, but users should ensure any future API use is scoped and approved.
The `gh api` command is useful for accessing data not available through other subcommands.
Review `gh api` commands before running them, especially commands that use non-GET methods or affect repositories, issues, PRs, workflows, or organization settings.
Commands may access private repositories or account-scoped GitHub data if your local `gh` CLI is authenticated with those permissions.
GitHub CLI commonly operates using the user's configured GitHub account and token. This is expected for the skill's purpose, but it means commands may inherit the user's GitHub permissions.
Use the `gh` CLI to interact with GitHub.
Use a GitHub account or token with the minimum needed scopes, and verify repository targets before allowing commands.
The skill may fail or prompt for separate setup if `gh` is not already installed and authenticated.
The skill instructions rely on the `gh` CLI, but the registry metadata does not declare it as a required binary. This is a dependency declaration gap, not evidence of malicious behavior.
Required binaries (all must exist): none
Confirm that `gh` is installed from a trusted source and authenticated only with the permissions needed for your intended repositories.
