Skill v0.1.2
ClawScan security
Braingit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 9:26 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements, instructions, and included script are consistent with its stated purpose of committing Markdown-only changes in a git repo and do not request unrelated credentials or perform network exfiltration.
- Guidance: This skill appears to do what it says: locally stage and commit files matching a glob (default *.md). Before using it: (1) run with BRAINGIT_DRY_RUN=1 to verify which files would be staged; (2) double-check BRAINGIT_PATTERN and BRAINGIT_REPO so you don't accidentally stage more than intended (a broad pattern like '*' would stage everything); (3) avoid storing secrets in Markdown or explicitly exclude sensitive paths in .gitignore; (4) note the script commits locally only—it does not push to remotes or send data over the network. If you plan to run it automatically (cron/OpenClaw), test manual runs first and keep .gitignore tight.
Review Dimensions
- Purpose & Capability (ok): Name/description match the included script and documentation. The only code file implements staging and committing files matching a user-configurable glob (default *.md), which is exactly what the skill advertises.
- Instruction Scope (ok): SKILL.md and scripts operate only on a local git repository: they run git status, git add, and git commit. There are no network calls, external endpoints, or instructions to read unrelated system files. The pattern and repo path are configurable via documented env vars.
- Install Mechanism (ok): No install spec; this is an instruction-only skill with a small script included. Nothing is downloaded or written to disk by an installer.
- Credentials (ok): No credentials or special environment variables are required. The script accepts optional env vars (BRAINGIT_REPO, BRAINGIT_PATTERN, BRAINGIT_DRY_RUN) that are documented and directly related to its function.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills or global agent settings, and only makes local git commits (it does not push or store tokens). Autonomous invocation is enabled by default but is not combined with other risky behaviors.
