Gitrama — Git History Intelligence

Type: OpenClaw Skill Name: gitrama Version: 1.0.1 The skill is classified as suspicious due to its explicit and intentional data exfiltration of local git repository context (including branch info, recent commits, diffs, contributors, and file tree) to an external endpoint, `api.gitrama.ai`. While this behavior is clearly documented in `SKILL.md` and `README.md` and is central to the skill's stated purpose of AI-powered git history analysis, sending potentially proprietary source code and sensitive project information to a third-party server constitutes a significant confidentiality risk. There is no evidence of credential theft, persistence mechanisms, or stealthy prompt injection attempts beyond the stated functionality.