Security scan
OpenClaw
Suspicious
high confidence
Assessment recommendation
This skill appears to implement PR triage as described, but there are practical inconsistencies you should address before installing or running it: 1) The scripts require an authenticated gh CLI (a GitHub token) — treat that token as sensitive and prefer a token with minimal scopes; the skill does not declare this requirement explicitly. 2) The SKILL.md claims only Python stdlib + gh and Python 3.6+, but triage.py uses capture_output (Python 3.7+) and the included triage.sh requires jq (not list...
ℹ Purpose and capabilities
The declared purpose (scanning GitHub PRs, scoring them, and producing Markdown) matches the code: both the Python and the shell script call the gh CLI and build reports. However, the SKILL.md claims "pure Python stdlib + gh" and portability across platforms, while the shipped shell script actually requires an additional tool (jq) and uses date flags that are platform-dependent. The SKILL.md also claims Python 3.6+, but triage.py uses subprocess.run(capture_output=True), which requires Python 3.7+.
✓ Instruction scope
Runtime instructions and the scripts only fetch PR data via the gh CLI and format reports (no hidden network endpoints, no file exfiltration beyond writing the optional output file). Nothing in SKILL.md or the scripts instructs reading unrelated local files or transmitting data to third-party endpoints beyond GitHub via gh.
ℹ Install mechanism
There is no install spec (instruction-only), so nothing will be downloaded at install time. But the package includes two runnable scripts; the presence of a shell script with additional runtime dependencies (jq, specific date behavior) means the runtime environment must provide more than the SKILL.md declares.
⚠ Credential requirements
The skill implicitly requires an authenticated gh CLI (and therefore a GitHub token) but does not declare a required credential or primaryEnv. That token grants access to the repos the user scans and should be considered sensitive; the SKILL.md should explicitly call out the required token scopes. The shell script also depends on jq (undeclared). The optional env vars for configuration are fine, but the missing declaration of the GitHub credential and the undeclared jq dependency fall short of the transparency expected.
✓ Persistence and permissions
The skill does not request permanent 'always' inclusion and does not modify other skills or system-wide settings. It only runs ad-hoc scanning when invoked.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.1.0 2026/3/27
● Harmless
Install command
Official: npx clawhub@latest install fleet-pr-agent
Mirror (accelerated): npx clawhub@latest install fleet-pr-agent --registry https://cn.longxiaskill.com