GitHub Trending Blog Pipeline
Pass
Audited by VirusTotal on May 6, 2026.
Overview
Type: OpenClaw Skill
Name: github-trending-blog
Version: 1.0.0
The skill bundle automates technical content creation by executing shell commands, including 'gh api' and local Python scripts. While the logic is consistent with the stated purpose, Step 5 in 'workflow.json' uses a 'cat' command to save files, which is vulnerable to shell injection if the 'blog_content' variable contains malicious sequences. The reliance on absolute paths under the root user's home directory (/root/.openclaw/workspace/...) for script execution also indicates a requirement for high-privilege environment access.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may call external services, run local command-line tools, execute a local renderer script, and write draft files under /tmp.
The workflow is built around executing API, CLI, Python, and shell commands with templated inputs. This is purpose-aligned for automation, but users should understand and confirm the commands before running them.
"command": "gh api graphql ..."
"command": "summarize \"{{repo_url}}\" --extract-only"
"command": "python3 /root/.openclaw/workspace/skills/card-renderer/scripts/render_vscode_card.py ..."
"command": "cat > /tmp/github_blog_{{date}}.md ..."
Review templated values such as language, date, repo URL, and generated blog content before execution; prefer safe file-writing methods or carefully constrained shell commands.
GitHub API requests may be associated with the user's configured GitHub CLI account and rate limits.
The GitHub CLI API command may use the user's existing local GitHub CLI authentication. The artifact shows read-only public repository search, not account mutation or token exposure.
Uses `gh api` to collect the list of popular projects from the GitHub Trending page.
Use a least-privileged GitHub CLI login or unauthenticated mode where possible, and verify that only read-only public repository queries are being made.
Actual behavior depends on the installed versions of those external skills and their scripts, especially the card renderer and WeChat article workflow.
This instruction-only package delegates core behavior to other skills and tools whose code/provenance is not included in the supplied artifacts.
"skills": [ "github", "summarize", "card-renderer", "wechat-article-pro" ]
Install dependent skills only from trusted sources and review their artifacts separately before using this pipeline.
