Pr Triage
v1.0.0
Triage open PRs by detecting duplicates, assessing quality, and generating prioritized reports. Use when a repo has too many PRs to review manually, needs du...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's name, description, SKILL.md, and script all aim to triage PRs via the GitHub CLI (gh). However, the registry metadata declares no required binaries or credentials even though the agent and included script clearly depend on the gh CLI and on GitHub authentication. This mismatch is unexpected and should be clarified.
Instruction Scope
Instructions and the script run gh CLI commands to list PRs and (optionally) comment on or edit PRs. They also instruct the agent to ALWAYS run gh commands with env -u GH_TOKEN -u GITHUB_TOKEN (and the script does the same). That pattern is unusual: it explicitly unsets the common GitHub token environment variables, which may cause gh to fall back to other auth methods (e.g., interactive login or stored gh auth) or to fail outright. The skill will perform write actions if invoked with an --action flag, which the script allows; the SKILL.md says it won't comment without --action, but the ability to comment on and edit PRs is present and requires GitHub credentials that are not declared.
Install Mechanism
No install spec (instruction-only with an included script). Nothing is downloaded from arbitrary URLs and no third-party packages are installed by the skill itself. Risk from install mechanism is low.
Credentials
The skill declares no required environment variables, but both SKILL.md and the script manipulate GH_TOKEN and GITHUB_TOKEN by unsetting them before invoking gh. The skill implicitly requires the gh CLI and some form of GitHub authentication (either env token or gh's stored auth). Not declaring these makes the credential requirements and behaviors unclear. The unset pattern could cause the skill to use host-stored credentials unexpectedly when taking write actions.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide settings, and does not attempt to persist credentials. Autonomous invocation is enabled but that's the platform default; combined with the ability to perform PR comments/edits this increases blast radius only if the user allows --action or the agent is invoked autonomously to perform actions.
What to consider before installing
This skill appears to do PR triage using the GitHub CLI, but the package metadata omits gh as a required binary and declares no credentials. Before installing or running it:
1) Verify you have the gh CLI installed and test gh auth behavior on the host (how does gh authenticate if GH_TOKEN/GITHUB_TOKEN are unset?).
2) Review and run the included scripts in read-only mode (no --action) first to confirm they only read PR metadata.
3) Be cautious about providing or relying on host-stored gh auth: if you run with --action the script can comment on or edit PRs using whatever gh credentials are available.
4) Prefer running the tool with a dedicated machine/service account or in a sandboxed environment, and request that the maintainer update the registry metadata to declare the gh dependency and clearly document expected auth behavior (explaining why GH_TOKEN/GITHUB_TOKEN are unset).
