Git Federation Searcher
Pass. Audited by ClawScan on May 1, 2026.
Overview
The artifacts match a Git-instance search helper, but it sends searches to configured external hosts and can persist optional Git API tokens and custom endpoints.
This skill appears coherent for searching federated Git hosts. Before installing, make sure you are comfortable sending search terms to the default and custom Git instances, use only least-privileged tokens for private hosts, protect the persisted instances.json configuration, and limit /gitadd access if using it in a shared Telegram bot.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your search terms and network requests may go to public Git hosts or any custom host you add.
The skill allows user-configured Git instance URLs and uses curl to query them. This is expected for federation search, but it means configured endpoints receive search traffic from the agent environment.
def add_instance(self, name: str, url: str, inst_type: str = "gitea", api_token: str = "") -> bool: ... result = subprocess.run(["curl", "-s", "-m", "10", url], capture_output=True, text=True)
Only add trusted Git instances, and avoid sensitive search terms unless you are comfortable sending them to every configured host.
A Git API token could allow access to private repository search results, and the token may be stored in the skill's configuration.
The GitInstance model supports API tokens, save_config serializes the instance data, and searches append tokens to API URLs. This is purpose-aligned for private instances but is sensitive credential handling.
api_token: str = "" ... data = {name: asdict(inst) for name, inst in self.instances.items()} ... url += f"&access_token={instance.api_token}"
Use least-privileged, read-only tokens where possible, protect the skill directory, and remove tokens from configuration when no longer needed.
Telegram bot mode may require installing an undeclared package, which should be sourced carefully.
The included Telegram integration imports an external Telegram package even though the requirements artifact says there are no external dependencies. This is a dependency declaration gap rather than evidence of malicious behavior.
from telegram import Update
from telegram.ext import ContextTypes, CommandHandler
If using Telegram commands, install dependencies from trusted sources and pin versions in deployment documentation.
A previously added instance can continue receiving future search queries until it is removed or disabled.
Custom Git instances are written to persistent configuration and will affect future searches. This is expected functionality, but the persisted host list becomes trusted context for later use.
CONFIG_FILE = SKILL_DIR / "instances.json" ... self.instances[name.lower().replace(" ", "_")] = instance
self.save_config()
Review configured instances periodically and restrict who can add instances, especially in shared Telegram bot deployments.
