Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
test
v1.0.0
Interact with GitHub using the gh CLI to manage pull requests, check CI status, view workflow runs, and access advanced API queries.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md clearly targets the GitHub 'gh' CLI (pr checks, run view, gh api). That purpose is coherent, but the skill metadata declares no required binaries or credentials — it should list 'gh' as a required binary and note that GH_TOKEN or an authenticated gh session is required. The missing declaration is a mismatch (not necessarily malicious) but important.
Instruction Scope
Runtime instructions are limited to running gh commands against repos and workflow runs and using --json/--jq for output. The instructions do not ask the agent to read arbitrary system files, contact network endpoints beyond GitHub, or use other unrelated credentials.
Install Mechanism
There is no install spec (instruction-only), so nothing will be downloaded or written by the skill itself. This minimizes installer-related risk.
Credentials
The skill declares no environment variables or primary credential, yet the gh commands require GitHub authentication to operate. In practice the gh CLI will use an authenticated session or GH_TOKEN from the environment or config files (~/.config/gh), so the skill implicitly relies on access to those secrets without declaring them. That omission reduces transparency about what credentials will be used.
Persistence & Privilege
The skill does not request persistent/always-on presence and does not modify other skills or system settings. Autonomous invocation is allowed by platform default but is not combined here with elevated privileges.
What to consider before installing
This skill is an instruction-only helper for the GitHub 'gh' CLI and appears to do what it says, but it does not declare that 'gh' must be installed or that it will use your existing GitHub authentication. Before installing, verify you want the agent to run gh commands using your account: ensure 'gh' is installed on the host, confirm which credentials will be used (local gh auth or GH_TOKEN), and consider using a machine/service account with minimal scopes if you want to limit access. Also consider restricting autonomous use or reviewing the exact gh commands the agent will run during operation. If you expect the skill to work in environments without preinstalled gh, ask the author to add a required-binaries entry for 'gh' and documentation about authentication requirements.
Like a lobster shell, security has layers — review code before you run it.
latestvk97ctzsmd5pxnar65s2q6r8ja9835xp8
