Git Commit Message Generator (Git 提交信息生成器)

Security checks across malware telemetry and agentic risk

Overview

This is a small local commit-message helper with broad activation phrases, but no evidence of hidden data access, network activity, persistence, or automatic commits.

The main thing to watch is accidental activation: generic Git phrases may invoke the skill during normal discussion. Avoid pasting diffs that contain secrets, and review the generated commit message before using it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger phrases include very generic terms such as "提交信息", "commit message", and "git commit", which are likely to appear in ordinary conversation or unrelated requests. This can cause the skill to activate unintentionally, increasing the chance it processes sensitive diffs or overrides a user's broader workflow unexpectedly.

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger list includes broad phrases such as “提交信息”, “commit message”, and “git commit”, which are common terms in normal developer conversation and can cause accidental activation outside clear user intent. In an agent setting, overly broad activators increase the chance the skill runs on incidental text, potentially causing unintended processing of pasted diffs or repository context.

Vague Triggers

Medium
Confidence: 92%
Finding
The activation keyword "提交信息" is broad enough to match ordinary conversation about commit messages, which can cause the skill to trigger when the user did not clearly intend to invoke it. In an agent environment, unintended activation can expose workspace context or cause the model to perform actions on unrelated prompts, making this a genuine prompt-triggering and scope-control issue.

VirusTotal

64/64 vendors flagged this skill as clean.
