Openclaw Github Sync
Verdict: Pass
Audited by VirusTotal on May 11, 2026.
Findings (1)
The skill is designed with strong security controls, including a secret scanner (`scripts/scan_secrets.py`) that blocks commits/pushes if sensitive data is detected, and explicit warnings in `SKILL.md` and `README.md` about the risks of the `pull` operation. However, the `scripts/pull.sh` script allows overwriting agent workspace files (skills, markdown, persona content) from a remote Git repository. While the documentation clearly states this is a 'trust boundary' and 'manual-only' operation, this capability represents a significant prompt injection or remote code execution vulnerability if the designated sync repository is compromised. Additionally, `references/export-manifest.txt` includes the entire `memory/` directory for export, relying solely on the secret scanner to prevent sensitive data exfiltration, which is a point of concern if the scanner has limitations.
