openclaw-ghsa-maintainer

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns were detected. The skill instructions focus on standard administrative tasks for repository maintenance.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh api) to interact with the openclaw/openclaw repository. These operations are scoped to the author's own repository and follow established security advisory workflows.
  • [COMMAND_EXECUTION]: The skill utilizes npm view with a temporary configuration file (--userconfig "$(mktemp)") to check package versions, which is a safe practice that avoids using or exposing the user's primary npm configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — openclaw-ghsa-maintainer