Low Risk — Risk Score 20/100
Last scan: 23 hr ago
GitHub Manager Skill
A comprehensive GitHub repository management tool with code review, auto-deployment, changelog generation, CI/CD configuration, bug tracking, and project management automation
A legitimate GitHub management CLI with minor documentation gaps around undeclared shell execution for git operations, but no malicious behavior detected.
Skill Name: GitHub Manager Skill
Duration: 47.6s
Engine: pi
Safe to install
Document the use of git CLI commands in the changelog feature and add explicit declarations about filesystem writes for CI/CD setup. Consider pinning chalk dependency to a safe version.

Findings 3 items

Severity | Finding | Category | Location
Low | Undeclared git CLI execution | Doc Mismatch | scripts/generate-changelog.js:47
  The changelog generation feature uses execSync to run git log and git describe commands locally, but SKILL.md only states '基于commit消息自动生成changelog' (automatically generate a changelog from commit messages) without explaining that it uses the local git CLI.
  Evidence: const output = execSync(command, { encoding: 'utf8' });
  → Document that the changelog feature requires a local git installation and runs git commands.
Low | Undeclared filesystem write for CI/CD | Doc Mismatch | github-cli.js:262
  The setupCICD function writes workflow YAML files to the .github/workflows/ directory, but SKILL.md describes CI/CD configuration without explicitly stating that local file writes occur.
  Evidence: fs.writeFileSync(filepath, content);
  → Add explicit documentation that CI/CD setup creates local workflow files.
Low | Unpinned dependency with known vulnerabilities | Supply Chain | package.json:13
  chalk ^4.1.2 has known low-severity vulnerabilities (CVE-2023-26141). While not critical, version pinning would improve the security posture.
  Evidence: "chalk": "^4.1.2"
  → Pin chalk to ^5.0.0 or later, which has addressed the vulnerability, or pin to a specific safe version.
Resource | Declared | Inferred | Status | Evidence
Filesystem | READ | WRITE | ✓ Aligned | github-cli.js:6 imports fs; github-cli.js:247-270 writes workflow files to .gith…
Network | READ | READ | ✓ Aligned | Uses Octokit for GitHub API calls only; no external IPs or C2
Shell | NONE | READ | ✓ Aligned | scripts/generate-changelog.js:47 uses execSync('git log...'); scripts/generate-c…
Environment | NONE | NONE | | No iteration through os.environ; token loaded from config file only
3 findings (External URLs)
Severity | Type | URL | Location
Medium | External URL | https://your-webhook-url.com | SKILL.md:191
Medium | External URL | https://your-webhook-url.com/webhook | config-template.json:6
Medium | External URL | https://staging.example.com/health | templates/github-actions/deploy-workflow.yml:141

File Tree

13 files · 89.9 KB · 3308 lines
JavaScript: 4 files · 1898 lines; Markdown: 3 files · 659 lines; YAML: 4 files · 597 lines; JSON: 2 files · 154 lines
├─ 📁 .github
│  └─ 📁 workflows
│     ├─ 📋 ci.yml  YAML 58L · 1.1 KB
│     └─ 📋 deploy.yml  YAML 30L · 567 B
├─ 📁 scripts
│  ├─ 📜 code-review.js  JavaScript 459L · 12.9 KB
│  ├─ 📜 generate-changelog.js  JavaScript 338L · 9.2 KB
│  └─ 📜 project-manager.js  JavaScript 536L · 17.3 KB
├─ 📁 templates
│  └─ 📁 github-actions
│     ├─ 📋 ci-workflow.yml  YAML 212L · 5.4 KB
│     └─ 📋 deploy-workflow.yml  YAML 297L · 8.9 KB
├─ 📋 config-template.json  JSON 103L · 2.6 KB
├─ 📜 github-cli.js  JavaScript 565L · 16.2 KB
├─ 📋 package.json  JSON 51L · 1.3 KB
├─ 📝 README.md  Markdown 161L · 5.3 KB
├─ 📝 SKILL_CN.md  Markdown 249L · 4.7 KB
└─ 📝 SKILL.md  Markdown 249L · 4.7 KB

Dependencies 4 items

Package | Version | Source | Known Vulns | Notes
@octokit/rest | ^20.0.2 | npm | No | Official GitHub API client, legitimate
chalk | ^4.1.2 | npm | Yes | Low-severity CVE-2023-26141; recommend upgrading to ^5.0.0
commander | ^11.0.0 | npm | No | Standard CLI argument parsing
inquirer | ^8.2.6 | npm | No | Interactive CLI prompts

Security Positives

✓ No credential exfiltration - GitHub token is stored locally in .github-manager.json and used only with official GitHub API
✓ No obfuscation detected - no base64-encoded strings, eval() usage, or anti-analysis techniques
✓ No remote code execution - execSync only runs documented git commands locally
✓ No C2 communication or data exfiltration - all network traffic goes to official GitHub API endpoints
✓ No sensitive file access - does not read ~/.ssh, ~/.aws, or .env files
✓ No persistence mechanisms - no cron jobs, startup hooks, or backdoor installations
✓ No supply chain compromise detected - all dependencies are from npm registry with known maintainers
✓ Uses official @octokit/rest library for GitHub API interactions
✓ No hidden functionality beyond documented features