GInstall OneClick
Review
Audited by ClawScan on May 15, 2026.
Overview
The skill is coherent for installing GitHub Node projects, but it relies on an external installer that can clone, install, and run repository code, so users should review plans and only use trusted repos.
Before installing, verify the external ginstall CLI source, use plan-only or guided mode for unfamiliar repositories, avoid `--yes` unless you trust the repo and environment, and keep any GitHub token least-privileged and out of environments where untrusted scripts can read it.
Publisher note
GInstall OneClick — one-click-style setup for GitHub Node.js repos: normalize URL, plan, clone, install deps, run dev; supports monorepo tree URLs and GITHUB_TOKEN for private repos.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1
Impact: A malicious or compromised repository could run code on the user's machine during install or dev startup.
Description: The skill intentionally runs a workflow that can execute code from GitHub repositories through dependency installation and dev scripts.
Evidence (quoted from the skill artifacts): "generate a plan, clone, install dependencies, and start a dev-oriented script"
Recommendation: Use guided or plan-only mode first, review the generated plan, and only install/run repositories you trust, preferably in a sandbox or disposable workspace.
Finding 2
Impact: If used on an untrusted repo, auto-approval could allow clone/install/run steps to proceed with less opportunity to stop unsafe actions.
Description: The skill documents an auto-approval mode for running the installer, which is useful for CI but reduces interactive user review.
Evidence (quoted from the skill artifacts): "`--yes`, `CI`, `GINSTALL_NON_INTERACTIVE`, `GINSTALL_YES` | Non-interactive; auto-approve steps"
Recommendation: Reserve `--yes` or non-interactive modes for trusted repositories and CI jobs where the plan and environment are already controlled.
Finding 3
Impact: The safety of the actual clone/install/run behavior depends on the separately installed ginstall CLI and its provenance.
Description: The executable that performs the install is external and not included in the reviewed artifacts, so its implementation is outside this scan.
Evidence (quoted from the skill artifacts): "This file is the OpenClaw skill only. Install or build `ginstall` from the GInstall OneClick CLI repository: <https://github.com/YunzhouLi-hub/GInstall-OneClick>"
Recommendation: Install ginstall only from a verified upstream source, pin or record the version used, and review the CLI before granting it access to sensitive repositories or environments.
Finding 4
Impact: A GitHub token grants account access to repositories within its scope, so mishandling it could expose private code.
Description: The skill may use a GitHub token for private repos or authenticated cloning, but it asks for a minimal read scope and gives basic secret-handling guidance.
Evidence (quoted from the skill artifacts): "tell the user to set `GITHUB_TOKEN` (minimum `contents:read`), then retry. Never paste tokens into chat or save them into shared plan files."
Recommendation: Use the least-privileged token possible, prefer short-lived or fine-grained tokens, and avoid running untrusted repository scripts in an environment where the token is present.
