Git Standup

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The generated report may include private commit messages, issue references, authorship details, and work activity from selected repositories.

Why it was flagged

The command can read user-specified repository paths and write a report to a user-specified file. This is expected for a Git standup tool, but users should scope paths and outputs carefully.

Skill content

| `--repos` | Specify multiple repository paths |
| `--output` | Output file path |

Recommendation

Use it only on repositories and date ranges you intend to summarize, choose a safe output path, and review the report before sharing it.

What this means

If a user follows the direct-use instructions, they may run code that was not included in the reviewed artifact set.

Why it was flagged

The README provides a direct-use path that clones and runs code from an external GitHub repository, while the submitted package has no included bin/daily-standup executable and registry source/homepage are not declared. The action is user-directed, not automatic.

Skill content

git clone https://github.com/kimi-claw/skill-git-standup.git
cd skill-git-standup
./bin/daily-standup --help

Recommendation

Prefer the registry-installed skill for normal use, or inspect and pin the external repository before cloning and running its script.