Is github safe?

https://clawhub.ai/steipete/github

95
SAFE

This is a minimal, documentation-only skill that provides gh CLI usage examples for interacting with GitHub. It contains no executable code, no hidden instructions, no data exfiltration mechanisms, and no prompt injection attempts. The only notable observation is the broad gh api documentation, which is inherent to the tool being documented rather than an introduced risk.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 90/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

LOW Broad gh api instruction -5

The skill documents gh api usage, which allows arbitrary GitHub REST API calls. While this is inherent to the gh CLI and not introduced by the skill, it expands the agent's awareness of this broad capability.

INFO Jiti cache files created during install -10

The ClawHub installer created ~50 temporary jiti transpilation cache files in /tmp/jiti/ during the install process. These are from the ClawHub CLI infrastructure (OAuth providers, config validation, plugin discovery), not from the skill itself.

INFO Documentation-only skill with no active components -15

This skill consists solely of a SKILL.md file with gh CLI usage examples and two metadata JSON files. It contains no executable code, no hooks, no scripts, and no external dependencies. Risk surface is minimal.