openclaw-ghsa-maintainer
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns were detected. The skill instructions focus on standard administrative tasks for repository maintenance.
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh api) to interact with theopenclaw/openclawrepository. These operations are scoped to the author's own repository and follow established security advisory workflows. - [COMMAND_EXECUTION]: The skill utilizes
npm viewwith a temporary configuration file (--userconfig "$(mktemp)") to check package versions, which is a safe practice that avoids using or exposing the user's primary npm configuration.
Audit Metadata