One-click installation of GitHub projects
Review
Audited by ClawScan on May 15, 2026.
Overview
This is a coherent GitHub project installer skill, but it can run code from repositories and depends on an external CLI you should trust first.
Before installing, verify the external `ginstall` CLI source, use guided or plan-only mode for unfamiliar repositories, avoid `--yes` unless you trust the repo and environment, and keep any GitHub token least-privileged and out of chat.
Publisher note
GInstall OneClick — one-click-style setup for GitHub Node.js repos: normalize URL, plan, clone, install deps, run dev; supports monorepo tree URLs and GITHUB_TOKEN for private repos.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. A malicious or compromised repository could run harmful install or dev scripts locally.
Installing dependencies and starting a dev script from a GitHub repository can execute third-party code on the user's machine. This is central to the skill's stated purpose and is disclosed.
Evidence (quoted from the reviewed artifacts): "generate a plan, clone, install dependencies, and start a dev-oriented script"
Recommendation: Use plan-only or guided mode first, review the plan, and only run install/dev steps for repositories you trust.
2. Using auto-approval may allow install and run steps to proceed without another chance to review them.
The skill documents an auto-approval mode. It is framed for CI/non-interactive use, but it could bypass prompts around high-impact clone/install/run actions.
Evidence (quoted from the reviewed artifacts): "`--yes`, `CI`, `GINSTALL_NON_INTERACTIVE`, `GINSTALL_YES` | Non-interactive; auto-approve steps"
Recommendation: Reserve `--yes` or non-interactive modes for trusted repositories and controlled automation; prefer guided or plan-only mode otherwise.
3. If the external `ginstall` CLI is installed from the wrong source, or a compromised version of it is installed, it could affect the local environment.
The skill depends on a separate CLI that is not included in the reviewed artifacts. Because that CLI performs the actual clone/install/run work, its provenance matters.
Evidence (quoted from the reviewed artifacts): "`ginstall` available on PATH (install from the upstream GInstall / GInstall OneClick CLI project)"
Recommendation: Install `ginstall` only from a verified upstream source, pin or review the version when possible, and avoid running unknown installer binaries.
4. A GitHub token grants account-backed repository access and could expose private code if mishandled.
The skill may use a GitHub token for private repositories or authenticated access. The artifact limits the recommended scope and warns against exposing the token.
Evidence (quoted from the reviewed artifacts): "set **`GITHUB_TOKEN`** (minimum `contents:read`), then retry. Never paste tokens into chat or save them into shared plan files."
Recommendation: Use a least-privilege token, prefer short-lived or scoped credentials, and never paste tokens into chat or shared files.
