git-workflows-pro
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent instruction-only git helper; it includes powerful history-editing commands, but they are disclosed, purpose-aligned, and paired with safety guidance.
This skill appears safe to install as an instruction-only git assistant. Treat its suggested git commands as potentially impactful: inspect repository state first, make backup branches before risky history edits, and be especially careful before force-pushing or rewriting shared history.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken command could rewrite repository history or affect collaborators' branches.
Force-pushing can overwrite remote branch history if used on the wrong branch or after insufficient review. The artifact frames it as conditional and recommends the safer `--force-with-lease`, so this is a purpose-aligned note rather than a concern.
If history was rewritten and remote update is intended, prefer: ```bash git push --force-with-lease ```
Confirm the current branch and upstream, create a backup branch first, and only force-push when you intentionally want to update rewritten history.
Repository history changes can propagate to teammates or remote branches if applied to shared work.
Shared-history changes can affect other collaborators and downstream workflows. The skill explicitly calls out the risk and requires user intent, which makes the behavior disclosed and bounded.
Avoid rewriting shared history unless the user explicitly wants that tradeoff.
Before rebasing, resetting, or force-pushing shared branches, verify whether others depend on the branch and prefer revert or merge-based workflows when appropriate.