OpenClaw: suspicious
VirusTotal: suspicious
StaticScan: unknown
OpenClaw: suspicious
The skill's purpose (PR risk analysis) is plausible, but its runtime instructions require you to send repo data and optional GitHub tokens to an unknown third-party endpoint (pr-risk-analyzer.onrender... [内容已截断]
VirusTotal: suspicious VT 报告
静态扫描: unknown
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1771343269295,
"_id": "k979t8zkxp5y6k7mcnqd5c90hh81b7b7",
"changelog": "Initial release of pr-risk-analyzer skill.\n\n- Analyzes GitHub pull requests for risks like exposed secrets, large changes, and sensitive file edits.\n- Provides a risk score, lists key issues, and recommends if a PR is safe to merge.\n- Asks users for repository, PR number, and (for private repos) a GitHub access token.\n- Ensures user security by not exposing or storing GitHub tokens.\n- Handles API failures and incomplete responses gracefully, informing users if analysis cannot be completed.",
"changelogSource": "user",
"createdAt": 1771343269295,
"version": "1.0.0"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "Nerdvana Labs",
"handle": "nerdvana-labs",
"image": "https:\/\/avatars.githubusercontent.com\/u\/254709543?v=4",
"kind": "user",
"linkedUserId": "kn73qx6jahst00we2hqh6079k181ar4g"
},
"ownerHandle": "nerdvana-labs",
"skill": {
"_creationTime": 1771343269295,
"_id": "kd7fbgsr6m2pvq2rgjkn5aw5x181bbn2",
"badges": [],
"createdAt": 1771343269295,
"displayName": "Github MergeGuard AI",
"latestVersionId": "k979t8zkxp5y6k7mcnqd5c90hh81b7b7",
"ownerUserId": "kn73qx6jahst00we2hqh6079k181ar4g",
"slug": "pr-risk-analyzer",
"stats": {
"comments": 0,
"downloads": 529,
"installsAllTime": 1,
"installsCurrent": 1,
"stars": 0,
"versions": 1
},
"summary": "Analyze GitHub pull requests for security risks and determine if a PR is safe to merge.",
"tags": {
"latest": "k979t8zkxp5y6k7mcnqd5c90hh81b7b7"
},
"updatedAt": 1774325412089
}
}