Git Assistant

Advisory

Audited by VirusTotal on Apr 14, 2026.

Overview

Type: OpenClaw Skill
Name: ai-git-assistant
Version: 1.0.0

The skill is classified as suspicious because it exfiltrates potentially sensitive data (git diffs and commit history) to a third-party API (api.evolink.ai). While this behavior is disclosed in SKILL.md and README.md as necessary for AI analysis, the transmission of source code to an external service is a high-risk activity. Additionally, the script scripts/git-assist.sh contains a shell injection vulnerability in the cmd_changelog function, where the eval command is used on the user-provided $from_tag variable. Although a git rev-parse check is performed, the use of eval on external input is a dangerous practice that could lead to arbitrary command execution if the validation is bypassed.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the changelog command on a maliciously crafted tag or argument could run unintended shell commands in the user's environment.

Why it was flagged

The user-supplied --from value is interpolated into a shell command string and then executed with eval. Even though git rev-parse is called, shell metacharacters in a crafted ref/tag name could still be interpreted by the shell.

Skill content

--from) from_tag="${2:-}"; shift 2 ;;
...
log_cmd="$log_cmd ${from_tag}..HEAD"
...
log_output=$(eval "$log_cmd" 2>/dev/null)

Recommendation

Remove eval and call git with an argument array, for example: git log --oneline --no-merges "${from_tag}..HEAD" or an equivalent quoted array-based command.
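The following is an added example of the recommended fix, not code from the skill itself: the ref name is checked against a strict character allow-list (and rejected if it looks like an option), confirmed to exist with git rev-parse --verify, and then passed to git as one element of an argument array instead of being interpolated into a string for eval. The function names is_safe_ref_name, cmd_changelog and demo, and the throwaway repository built by demo, are constructed for this illustration.

```bash
#!/usr/bin/env bash
# Hardened changelog helper (added example; not the ai-git-assistant skill's code).

# Returns 0 when the name contains only characters a plain git ref uses and
# nothing the shell would interpret; returns 1 otherwise.
is_safe_ref_name() {
  local ref="$1"
  [ -n "$ref" ] || return 1
  case "$ref" in
    -*) return 1 ;;                    # would be parsed by git log as an option
    *[!A-Za-z0-9._/-]*) return 1 ;;    # whitespace, quotes, $(), ;, |, etc.
  esac
  return 0
}

# Builds the git invocation as an array. Each element is passed to git as one
# argument, so the ref name can never be re-parsed by the shell.
cmd_changelog() {
  local from_tag="${1:-}"
  local -a log_cmd=(git log --oneline --no-merges)
  if [ -n "$from_tag" ]; then
    is_safe_ref_name "$from_tag" || { echo "refusing unsafe ref name" >&2; return 2; }
    git rev-parse --verify --quiet "${from_tag}^{commit}" >/dev/null \
      || { echo "unknown ref: $from_tag" >&2; return 3; }
    log_cmd+=("${from_tag}..HEAD")
  fi
  "${log_cmd[@]}"
}

# Stand-alone demo on constructed data: a throwaway repo with a tagged first
# commit and one later commit; prints only the commit made after the tag.
demo() {
  local repo
  repo=$(mktemp -d)
  (
    cd "$repo" || exit 1
    git init -q
    git -c user.name=demo -c user.email=demo@example.invalid \
      commit -q --allow-empty -m "first"
    git tag v1.0.0
    git -c user.name=demo -c user.email=demo@example.invalid \
      commit -q --allow-empty -m "second"
    cmd_changelog v1.0.0
  )
  rm -rf "$repo"
}
```

Running demo prints a single line for the "second" commit. A name such as 'v1; echo x' or '--output=/tmp/x' is refused by is_safe_ref_name before git is ever invoked, which is the property the eval-based original could not guarantee.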

What this means

The EvoLink API key may grant access to the user's EvoLink account or quota, so it should be treated as a secret.

Why it was flagged

The skill requires an EvoLink API key and sends it as the provider authentication header. This is expected for the disclosed integration and no unrelated credential use is shown.

Skill content

local api_key="${EVOLINK_API_KEY:?Set EVOLINK_API_KEY for AI features. Get one at https://evolink.ai/signup}"
...
-H "x-api-key: $api_key"

Recommendation

Use a provider-specific, revocable API key and avoid pasting it into shared logs, prompts, or repositories.

What this means

Staged diffs, commit history, or branch changes may leave the local machine and be processed by EvoLink/Claude.

Why it was flagged

The skill clearly discloses that repository diffs or commit history are sent to an external AI service. This is purpose-aligned, but repository data can contain proprietary code or secrets.

Skill content

AI commands send git diff output or commit history to `api.evolink.ai` for analysis by Claude.

Recommendation

Before using AI commands, review staged changes and history for secrets or confidential code; use the local conventions command when no external transmission is desired.