Back to skill

Security audit

Git History Surgeon / Git 历史记录手术刀

Security checks across malware telemetry and agentic risk

Overview

The skill is about a legitimate Git cleanup task, but it presents global history rewriting as routine without enough warnings, scoping, or proof of safeguards.

Review carefully before installing or using. This skill appears focused on legitimate Git history cleanup, but any command that rewrites all branches can permanently disrupt a repository once pushed. Use only on a backed-up disposable clone, coordinate with collaborators, review affected refs, and rotate any leaked secrets instead of relying on history rewriting alone.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill prominently promotes rewriting Git history, purging sensitive data, and advanced commit graph manipulation, but it does not provide a clear warning that these operations are destructive, can invalidate existing clones and pull requests, and require coordination with collaborators. In a security-focused tool, omission of these cautions increases the likelihood of accidental repository corruption, loss of auditability, or disruption to team workflows.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The quick-start example shows an all-branches purge command against every commit without an adjacent high-visibility caution, making a destructive operation look routine and safe to run immediately. Users may execute it without understanding that it rewrites repository history globally, may break forks and CI references, and does not by itself revoke or rotate already-exposed secrets.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.