Git Workflows
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: git-workflows Version: 1.0.0 The skill bundle provides extensive documentation and examples for advanced Git operations. All commands demonstrated are standard Git commands or common shell commands used in conjunction with Git (e.g., creating a temporary test script for `git bisect run`). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, obfuscation, or prompt injection attempts against the agent. The content is purely instructional and aligns with the stated purpose of teaching Git workflows.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used incorrectly, commands such as interactive rebase, commit dropping, reset --hard, or worktree removal could discard changes or make history harder to recover.
The skill documents Git operations that can rewrite or remove commits. This is purpose-aligned for advanced Git workflows, but a mistaken command could lose local work or alter repository history.
drop = remove the commit entirely
Confirm the target branch, commit, and working-tree state before destructive Git operations; consider creating a backup branch or worktree before rewriting or deleting history.
Automated bisect can run tests or scripts repeatedly across historical commits, which may trigger side effects if the repository or script is not trusted.
The automated bisect workflow runs a script across checked-out commits. This is expected for bug bisection, but it executes project-controlled commands.
git bisect run ./test-for-bug.sh
Review the bisect script and avoid exposing sensitive environment variables when running automated tests on unfamiliar or untrusted repository history.