Git Workflow
Verdict: Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: git-workflow
Version: 1.0.0

The OpenClaw Git workflow skill bundle appears benign. It provides standard Git commands (`git status`, `git add`, `git commit`, `git push`, `git config`) and instructions for an AI agent to automate common Git operations. The requested permissions (`exec`, `read`, `write`) are necessary for its stated purpose. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized remote execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent for harmful objectives. While placeholders in commands like `git add <file>` and `git commit -m "message"` could pose a shell injection vulnerability if the agent's input sanitization is inadequate, this represents a platform vulnerability rather than malicious intent within the skill itself.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Unintended files, generated outputs, secrets, or unfinished changes could be committed and pushed to a remote repository.
The default documented workflow can stage every changed file, create a commit, and push it to a remote. The artifacts do not require a user review or approval checkpoint before these high-impact actions.
Core capabilities: ... Automatically push to the remote repository ... # Add all changes git add . ... # Commit git commit -m "提交信息" # Push git push
Require the agent to show `git status` and `git diff`, list the exact files, commit message, target branch, and remote, then ask for explicit approval before any `git add`, `git commit`, or `git push`. Prefer file allowlists over `git add .`.
A mistaken file selection or commit message could affect several projects or expose configuration/memory files across remotes.
The skill explicitly supports committing and pushing across multiple repositories, including memory/config and business-related repositories, but does not define a repository allowlist or containment rules.
### Example 2: Multi-repository management ... 1. Identify which repository each file belongs to 2. Commit to each corresponding repository separately 3. Push each separately **Repository examples**: - Jarvis: memory, configuration - Stock-Analysis: stock analysis code - Amazon-Analyzer: Amazon operations tools
Limit the skill to user-selected repositories and require per-repository confirmation before committing or pushing. Avoid automatic multi-repo push workflows.
The agent may publish changes using the user's Git identity and access rights.
Remote pushes will rely on the user's configured Git credentials, token, or SSH key. This is expected for a Git workflow skill, but users should recognize it acts with their repository privileges.
Error 2: Push failed ... 1. Check Git credentials 2. Use a token instead of a password 3. Configure an SSH key
Use least-privilege Git credentials, verify the target remote and branch, and do not allow unattended pushes to sensitive repositories.
