ClawHub

Git Stats

v1.0.0

Analyze git repository statistics including contributor rankings, lines of code by language, commit frequency by day/hour, monthly activity trends, and file...

0· 90·0 current·0 all-time
byJohn Wang@johnnywang2001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included script: it runs git commands and reads tracked files to compute contributor rankings, LOC, activity, and trends. Minor inconsistency: registry metadata listed 'Required binaries: none' but SKILL.md correctly documents that the git CLI and Python 3.8+ are required.
Instruction Scope
SKILL.md instructs the agent to run the included script against a local repo and offers relevant flags (--json, --no-loc, --since, --until, --branch). The script only reads git metadata and tracked files; it does not access unrelated system files or external endpoints.
Install Mechanism
No install spec (instruction-only with a bundled script). Nothing is downloaded or written to disk by an installer step.
Credentials
The skill requests no environment variables or credentials. The script does not read secrets from env vars or require unrelated credentials.
Persistence & Privilege
always is false and the skill does not modify agent/system configuration or other skills. It requires explicit invocation to run (normal behavior).
Assessment
This skill appears to do exactly what it says: analyze local git repositories. Before installing or running it, note that: - It runs 'git' commands and reads all tracked files in the repository (including file contents when counting LOC). Do not run it on repos containing secrets you don't want printed or exported. - The SKILL.md mentions required binaries (git and Python 3.8+); ensure those are present. The registry metadata omitted that requirement — this is a minor inconsistency but explainable. - The script prints contributor names/emails and repository file contents counts; if you plan to share output (JSON or text), sanitize sensitive data first. - For very large repos, use the --no-loc flag to skip line counting (much faster). - The package contains the full script (scripts/git_stats.py); you can review the code locally before running to confirm there is no network I/O or unexpected behavior (the included script uses subprocess.run for git and local file reads only). If you need additional assurance, run the script in an isolated environment (e.g., container) on a non-sensitive repo first.

Like a lobster shell, security has layers — review code before you run it.

latestvk976r4fhe51j5mw716sncj512h83g7bm

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments