Gitai - Git Commit Automation

Security checks across malware telemetry and agentic risk

Overview

This Git automation skill is coherent, but it can commit and push code and use third-party AI providers without enough guardrails or disclosure.

Install only if you are comfortable with an agent invoking an external Git automation CLI in your repositories. Review diffs and generated commit messages before committing, avoid `--push` unless you explicitly confirm the branch and remote, and do not use it on sensitive repositories unless the configured AI provider is approved for that code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs users to configure an external AI provider and describes analysis of staged changes, but it does not clearly warn that code diffs and commit context may be transmitted off-host to third-party LLM services. This can cause accidental disclosure of proprietary source code, secrets, or sensitive development context, especially because the tool is positioned as frictionless automation and 'one command' usage.

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill explicitly promotes a workflow that stages, commits, and pushes changes automatically, but it does not include a clear safety warning about modifying repository state or publishing code to a remote. In an agent context, that omission can lead to unintended commits or remote publication of sensitive or incomplete changes, especially if users treat the skill as safe automation.

Missing User Warnings

Medium
Confidence: 94%
Finding
The example `gitai . '' --push` demonstrates publishing changes to a remote repository without any adjacent caution about exposing private code, triggering CI/CD, or affecting collaborators. Because this is an automation skill with `Run Command` access, normalizing `--push` as a standard example increases the chance of accidental remote-impacting actions.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger phrase "conventional commits" is broad and likely to appear in ordinary developer conversations that are not explicit requests to invoke this skill. This can cause accidental activation and unintended exposure of repository context or automation behavior when the user only wanted general advice.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrase "git message" is ambiguous and generic, making it likely to match normal discussion about Git commit messages rather than a deliberate request for this skill. Ambiguous activation increases the risk of unintended execution paths and confusing or unsafe automation in unrelated contexts.

Vague Triggers

Medium
Confidence: 93%
Finding
The trigger phrase "auto commit" is highly generic developer language and may collide with routine requests about Git workflows, CI behavior, or editor features. Because it can be interpreted as performing commits rather than drafting messages, accidental activation could lead users to overtrust automation or trigger behavior in the wrong context.

Vague Triggers

Medium
Confidence: 96%
Finding
The trigger phrase "auto commit" or similarly broad automation wording could imply the skill will perform a commit instead of merely generating a message, creating dangerous ambiguity around source-control actions. In a Git automation context, this makes accidental invocation more risky because users may infer repository-modifying behavior from an imprecise trigger.

VirusTotal

64/64 vendors flagged this skill as clean.