Unfuck My Git State
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a legitimate Git recovery helper, but it can guide changes to Git metadata and creates local diagnostic snapshots, so users should run it carefully.
Before installing or using this skill, review the scripts, run them only in the intended repository, make the recommended .git backup before force/manual repairs, and be careful with commands like git branch -f, git worktree prune, and manual .git/HEAD edits. Treat generated snapshot files as potentially sensitive, and remember that git fetch --all --prune will contact configured remotes.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run against the wrong repository or branch, these commands could change local Git state or make local work harder to find until recovered.
These commands can mutate worktree metadata, branch pointers, and HEAD. They are purpose-aligned for Git recovery and are surrounded by backup/verification guidance, but users should notice the repository-impacting authority.
git worktree prune -v ... git branch -f <branch> origin/<branch> ... echo "ref: refs/heads/<branch>" > .git/HEAD
Confirm the repo path and intended branch, inspect reflog for unpushed work, back up .git before force/manual operations, and run only the smallest matching playbook.
Snapshot files may reveal repository paths, branch names, remote URLs, or recent Git history if shared or accidentally committed.
The snapshot script persistently stores local diagnostic context, including remote URLs, branch/ref data, and reflog history, in a repo-local directory.
OUT_DIR="$TOPLEVEL/.git-state-snapshots/$STAMP" ... run_capture remote_verbose git -C "$TARGET" remote -v ... run_capture reflog_head git -C "$TARGET" reflog --date=iso -n 50 HEAD
Keep snapshots local, review them before sharing, ensure .git-state-snapshots is not committed, and delete the directory when recovery is complete if it is no longer needed.
Users have limited upstream provenance information and should not rely on metadata alone to understand prerequisites.
The provenance and dependency metadata are sparse even though the manifest includes executable shell scripts. The included source is visible and no remote installer is shown, so this is a transparency note rather than a concern.
Source: unknown; Homepage: none; Required binaries (all must exist): none; Install specifications: No install spec
Review the bundled scripts before use and ensure expected local tools such as Bash and Git are available.