Skill v1.0.2
ClawScan security
NexSolve AI 需求广场 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 15, 2026, 1:54 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, install hints, and required credential (a GitHub token) are consistent with its stated purpose of posting and reading issues in a specific GitHub repo; nothing in the files indicates unexplained or unrelated access.
- Guidance: This skill looks coherent with its purpose, but take these precautions before installing: (1) Provide a GitHub token scoped as narrowly as possible (use a fine-grained token or a repository-scoped token limited to zxz0119/NexSolve-AI with Issues read/write). (2) Remember that submitted issue bodies are public under AGPL-3.0 — avoid posting sensitive or personally identifiable information. (3) If you prefer isolation, create a dedicated GitHub machine/user account for the token rather than using your personal account. (4) Review the code (src/index.ts) yourself if you want additional assurance; the implementation is short and only interacts with GitHub. (5) Build/run steps: npm install && npm run build, and configure GITHUB_TOKEN in OpenClaw as instructed.
Review Dimensions
- Purpose & Capability: ok. The skill declares and implements GitHub Issue submission/listing/detail tools and requests a GITHUB_TOKEN. The requested permission (repo issues read/write) matches the described functionality (submit/list/get issue details for the NexSolve-AI repo).
- Instruction Scope: ok. SKILL.md instructs the agent to confirm with users before submitting, to perform analysis after calling get_need_detail, and to include privacy reminders when extracting contacts. The runtime code implements only issue-related operations and does not read other system files or external endpoints. The use of dotenv to load .env is reasonable and documented.
- Install Mechanism: ok. No install spec is provided; this is an instruction-plus-code skill. package.json lists standard dependencies (@octokit/rest, dotenv, zod, modelcontext SDK). There are no downloads from arbitrary URLs or extraction steps in the manifest.
- Credentials: ok. Only GITHUB_TOKEN is required and declared in skill.json and SKILL.md. That single credential is proportional to a skill that creates and reads GitHub issues. The code uses process.env.GITHUB_TOKEN (and dotenv) only for Octokit; no other secrets are requested.
- Persistence & Privilege: ok. `always` is false and the skill does not modify other skills or system-wide settings. It runs as a normal MCP skill and requires an explicitly provided token; no elevated persistence or cross-skill config changes are present.
