ClawHub

Peter Commit Ops

Security checks across malware telemetry and agentic risk

Overview

This skill openly automates Git commits, branch pushes, and PR creation, with visible guardrails and no hidden executable payload.

Install or invoke this only when you intend the agent to change Git state and potentially publish a branch or PR using your configured GitHub account. Before use, confirm the repository, branch, remote, diff, staged files, and active gh account, and be cautious in untrusted repositories because repository workflow checks may execute local project code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill description and invocation examples are broad enough to match common user requests like 'help me commit', 'push', or 'create PR', which can cause the agent to trigger this skill in situations where the user did not intend repository-modifying actions. Because the skill performs high-impact operations such as git commit, branch push, and PR creation, overly broad routing increases the chance of unintended code publication or workflow execution.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The applicable-scenario list defines positive triggers but lacks scope boundaries, exclusions, or disambiguation rules, so the agent may invoke the skill whenever it sees broad phrases related to commit/push/PR workflows. In this context, that is dangerous because the skill is not read-only: it stages files, creates commits, pushes branches, and opens PRs, all of which are external side effects that should only occur under tightly scoped conditions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal