github-trend-analyzer @ 0.1.0

github.com/JS-mark/skills
Verdict: Do not install
7 critical · 0 high · 1 medium
Grade F · score 0 / 100

Why grade F?

score · 0 / 100

The current grade reflects 7 critical findings (any 2+ CRITs → F).

7 CRIT · 0 HIGH · 1 MED · 0 LOW
To reach a higher grade
  • D: reach target score 30

    Resolve 6 of your 7 CRIT findings — any single CRIT still keeps you at D.

  • C: reach target score 55

    Resolve all 7 CRIT findings.

  • B: reach target score 75

    Resolve all 7 CRIT findings.

  • A: reach target score 95

    Resolve all 7 CRIT findings.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Latest scan findings

Scan crawl-h6lrhscvsptqe8i316b2zta4 · Thu, 28 May 2026 13:13:56 GMT · 17ms

crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 71 · CWE-200
69  The skill looks up the token in the following priority order (high → low):
70
71  1. The current shell environment variable `$GITHUB_TOKEN`   [references $GITHUB_TOKEN — potential credential leak]
72  2. `./.env` in the project root
73  3. `./.env.local` in the project root
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 124 · CWE-200
122 ### Step zero: load GITHUB_TOKEN
123
124 The first thing every run does is call the Bash snippet below to **load the token**. It searches in priority order and exports the token as `$GITHUB_TOKEN`; every subsequent `curl` call reuses it directly:   [references $GITHUB_TOKEN — potential credential leak]
125
126 ```bash
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 129 · CWE-200
127 load_github_token() {
128   # 1) Already present in the shell environment → use it directly
129   if [ -n "$GITHUB_TOKEN" ]; then   [references $GITHUB_TOKEN — potential credential leak]
130     echo "[token] 来源:shell env"
131     return 0
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 169 · CWE-200
167
168 - ❌ **Do not** read `.env` directly with the `Read` tool (it may expose the token on screen and in logs); always handle it through the Bash function above.
169 - ❌ **Do not** print the value of `GITHUB_TOKEN` to the terminal, write it into reports, or concatenate it into URLs (always pass it via `-H "Authorization: Bearer $GITHUB_TOKEN"`).   [references $GITHUB_TOKEN — potential credential leak]
170 - ✅ Only log the "source" (e.g. `来源:./.env`), never the token contents.
171 - ✅ If the user's project has no `.env` and the shell has nothing set either, **proactively ask with `AskUserQuestion`** whether to:
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 179 · CWE-200
177 ```bash
178 AUTH_HEADER=()
179 [ -n "$GITHUB_TOKEN" ] && AUTH_HEADER=(-H "Authorization: Bearer $GITHUB_TOKEN")   [references $GITHUB_TOKEN — potential credential leak]
180
181 curl -s -H "Accept: application/vnd.github+json" "${AUTH_HEADER[@]}" \
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 179 · CWE-200
177 ```bash
178 AUTH_HEADER=()
179 [ -n "$GITHUB_TOKEN" ] && AUTH_HEADER=(-H "Authorization: Bearer $GITHUB_TOKEN")   [references $GITHUB_TOKEN — potential credential leak]
180
181 curl -s -H "Accept: application/vnd.github+json" "${AUTH_HEADER[@]}" \
crit
Skill references secret env var $GITHUB_TOKEN
The skill instructions reference `$GITHUB_TOKEN`, which contains a credential. If an attacker can lure the agent into including this in an outbound URL or message, the credential leaks.
rule: env-var-harvesting · line: 481 · CWE-200
479 4. **API rate limits**: 60 requests/hour unauthenticated; 5000 requests/hour authenticated. Check `X-RateLimit-Remaining` in Bash and, when necessary, ask the user to provide a `GITHUB_TOKEN`:
480    ```bash
481    curl -s -H "Authorization: Bearer $GITHUB_TOKEN" ...   [references $GITHUB_TOKEN — potential credential leak]
482    ```
483 5. **README sampling**: when analysing README content, first pick the 3 most representative from each of the three sample categories, to avoid pulling too many at once.
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
Latest scan: skillox.io/c/github-trend-analyzer