ClawHub

每天工作结束后,一键生成当日所有 Git 仓库的提交日报,支持多仓库扫描

Security checks across malware telemetry and agentic risk

Overview

GitPulse is a local Git activity report helper that reads commit metadata but does not show hidden network, persistence, destructive, or credential-harvesting behavior.

Install only if you are comfortable with the assistant running a local Python script that scans Git repositories and prints commit metadata into chat. Use a specific --root directory rather than a broad workspace, and review the generated report before sharing because private repo names, commit messages, ticket IDs, author names, and timestamps may be exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill instructs the agent to execute a local Python script via shell, but the skill metadata does not declare any permissions. This creates a transparency and policy gap: users or the platform may not realize the skill can run code and traverse local directories, increasing the risk of unintended code execution or overbroad filesystem access when the skill is auto-invoked.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger list includes broad natural-language phrases like '今日提交' and '今天写了什么', which can cause accidental activation during ordinary conversation. In an agent context, unintended invocation can trigger scanning across multiple local repositories and expose commit metadata the user did not mean to retrieve at that moment.

Missing User Warnings

Low
Confidence
84% confidence
Finding
The README describes automated scanning of all repositories and filtering by the current Git user, but it does not prominently warn users that local repository history, author identity, timestamps, and commit messages will be read. This is primarily a transparency and privacy-consent issue: users may invoke the skill without realizing the scope of local metadata collection.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad and include common conversational requests like '今天写了什么' and '提交记录', which can cause the skill to activate unintentionally. In this skill, unintended activation is more dangerous because activation leads to shell-based scanning of local repositories, potentially exposing commit metadata from multiple repos without a clear, deliberate user request.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal