ClawHub

GitHub Smart Code Digest

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates GitHub code-review reports and publishes them to Feishu Wiki, with the main risks being expected external sharing and scheduled publishing that users must configure carefully.

Install only if you intend to publish GitHub PR metadata, diffs-derived review findings, file paths, and generated report images into Feishu Wiki. Use restricted GitHub and Feishu credentials, publish to a controlled Wiki space, review the dependent skills, and be cautious before enabling scheduled daily or weekly runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README promotes automatically publishing code review results to Feishu Wiki, which can expose internal repository metadata, PR details, file paths, code snippets, and security findings to an external platform without clearly warning users about that data flow. In this skill context, the risk is elevated because the tool is explicitly designed to aggregate and redistribute potentially sensitive engineering information across systems.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The scheduled push instructions encourage recurring automatic publication to Feishu Wiki without making the external-sharing behavior and persistence implications obvious. This increases the chance of ongoing unintended disclosure, especially as new PRs or review findings may be published automatically after initial setup with little operator attention.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger phrases include broad terms such as '代码审查报告' and 'GitHub 监控' that could match routine user requests and activate the skill unintentionally. Because this skill can collect repository metadata, run reviews, and publish results to Feishu Wiki on demand or via automation, accidental activation could expose internal engineering information or cause unwanted external publishing.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description and usage emphasize automation and reporting, but do not clearly warn users that repository review data will be published to Feishu Wiki and may be auto-pushed on a schedule. In this context, the omission is significant because the workflow processes potentially sensitive code-review findings and persists them to an external collaboration system, increasing the risk of unintended data disclosure and ongoing automatic leakage.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The workflow automatically publishes review data, PR metadata, and rendered artifacts to Feishu Wiki, but the manifest does not disclose this external transmission or require explicit user acknowledgment. This creates a real privacy and data-governance risk because repository metadata, review findings, and possibly sensitive code-derived summaries may be sent to a third-party platform without informed consent.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The manifest declares required GitHub and Feishu credentials and external APIs, but does not warn users that the skill will access those services and operate with those tokens. While merely referencing environment variables is not a secret leak by itself, the lack of disclosure about credential use and outbound access is a genuine security/transparency weakness that can lead to over-privileged or unintended data access.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal