github-operations

Facilitates GitHub resource management by enabling Codex to inspect and update issues, PRs, and workflows through the MCP server.

Security score: 50/100

The github-operations skill was audited on Feb 12, 2026 and we found 4 security issues across 2 threat categories, including 3 high-severity. Review the findings below before installing.

Security Issues

high line 12

Template literal with variable interpolation in command context

Source: SKILL.md
12: 1. Ensure `mcp.json` includes the `github` entry pointing to `${GITHUB_MCP_ENDPOINT}` with the `${GITHUB_MCP_TOKEN}` Authorization header.
high line 13

Template literal with variable interpolation in command context

Source: SKILL.md
13: 2. Confirm scopes on `${GITHUB_MCP_TOKEN}` cover `repo`, `workflow`, and `read:org`.
high line 25

Template literal with variable interpolation in command context

Source: SKILL.md
25: - Treat `${GITHUB_MCP_TOKEN}` as a production credential—store it in `.env.local` and do not log it.
medium line 25

Access to .env file

Source: SKILL.md
25: - Treat `${GITHUB_MCP_TOKEN}` as a production credential—store it in `.env.local` and do not log it.
Scanned on Feb 12, 2026