Git Workflows

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If used incorrectly, commands such as interactive rebase, commit dropping, reset --hard, or worktree removal could discard changes or make history harder to recover.

Why it was flagged

The skill documents Git operations that can rewrite or remove commits. This is purpose-aligned for advanced Git workflows, but a mistaken command could lose local work or alter repository history.

Skill content

drop   = remove the commit entirely

Recommendation

Confirm the target branch, commit, and working-tree state before destructive Git operations; consider creating a backup branch or worktree before rewriting or deleting history.

What this means

Automated bisect can run tests or scripts repeatedly across historical commits, which may trigger side effects if the repository or script is not trusted.

Why it was flagged

The automated bisect workflow runs a script across checked-out commits. This is expected for bug bisection, but it executes project-controlled commands.

Skill content

git bisect run ./test-for-bug.sh

Recommendation

Review the bisect script and avoid exposing sensitive environment variables when running automated tests on unfamiliar or untrusted repository history.