Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Git Manager

Perform common Git operations like status, commit, push, pull, branch management, and merge with safety checks and dry-run support.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 44 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to be a git CLI wrapper (status, commit, push, pull, branch, etc.), which aligns with its name. However, the runtime code executes an external script at an absolute user-specific path (/Users/nico/.openclaw/workspace/skills/git-manager/scripts/git-manager) that is not included in the package. skill.json references different script names (scripts/git_manager.py, various shell scripts) that also are not present. Requiring execution of an external, missing script at a hard-coded path is disproportionate and not justified by the description.
Instruction Scope
SKILL.md describes direct use of the git CLI and local repo operations and lists environment variables for configuring logs/dry-run/protected branches. The actual runtime (index.ts) delegates to an external script and passes args via child_process.exec. The SKILL.md does not mention the external script path or behavior of that script. SKILL.md also claims integration with session cwd, but the code calls a specific absolute script path, creating a mismatch and granting broad discretion to the external script (which is not visible).
Install Mechanism
There is no install spec, and no included scripts under scripts/ even though skill.json and index.ts expect them. The code will try to execute a non-included binary at a hard-coded absolute path. That is high-risk: the runtime depends on external artifacts not packaged with the skill, making behavior unpredictable and possibly executing arbitrary code if that path exists or is later created.
Credentials
The registry metadata lists no required env vars, but SKILL.md documents GIT_MANAGER_LOG, GIT_MANAGER_DRY_RUN, and GIT_MANAGER_PROTECTED_BRANCHES. skill.json also grants filesystem read/write to ~/.openclaw/workspace/**. The mismatch between declared requirements and the environment vars the instructions expect is a red flag. Access to the workspace and executing external scripts is more privilege than a minimal Git helper strictly requires, especially given the missing script contents.
Persistence & Privilege
The skill is not marked always:true and uses standard autonomous invocation. It logs to ~/.openclaw/logs and skill.json requests read/write under ~/.openclaw/workspace/** which is expected for a workspace-oriented git helper. This is not an immediate privilege escalation, but combined with the external script execution it increases the surface area: an executable in the workspace could be run with the agent's permissions.
What to consider before installing
This skill claims to wrap git safely, but the package is missing the scripts it expects and index.ts runs a hard-coded script in /Users/nico/... that isn't included. That means you cannot verify what will actually run. Before installing or enabling this skill:
  1) Do not run it on sensitive repositories.
  2) Ask the publisher for the missing script sources (scripts/git-manager, scripts/git_manager.py, and the shell scripts referenced) and inspect them for arbitrary shell commands or network calls.
  3) Require that the package be self-contained (no hard-coded absolute paths) and that environment variables and filesystem permissions in the manifest match SKILL.md.
  4) If you must use it temporarily, run it in a sandboxed account or container with limited repository access and no private SSH keys.
These inconsistencies make the skill suspicious until the missing scripts and manifest mismatches are resolved.
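The self-containment and manifest checks from point 3 can be automated before a skill is enabled. The following is an added example, not code from the skill or from ClawHub; the `SkillPackage` shape, the `auditSkill` name and the sample contents are assumptions constructed from the mismatches the scan describes.

```typescript
// Added example: pre-install consistency audit for a skill package.
// Field names and package layout are assumptions, not ClawHub's schema.
interface SkillPackage {
  files: Record<string, string>; // relative path -> file contents
  manifestScripts: string[];     // script paths the manifest refers to
  declaredEnv: string[];         // env vars declared in registry metadata
}

// Absolute paths under a user's home directory (macOS, Linux, Windows).
const USER_PATH = /(?:\/Users\/|\/home\/|[A-Za-z]:\\Users\\)[^\s"'`]+/g;
// Environment variable names documented for this skill.
const ENV_NAME = /\bGIT_MANAGER_[A-Z0-9_]+\b/g;

function auditSkill(pkg: SkillPackage): string[] {
  const findings: string[] = [];
  // 1. Source files must not point at paths outside the package.
  for (const name of Object.keys(pkg.files)) {
    const hits: string[] = (pkg.files[name] || "").match(USER_PATH) || [];
    for (const hit of hits) {
      findings.push("hardcoded-path " + name + ": " + hit);
    }
  }
  // 2. Every script the manifest names must ship in the package.
  for (const script of pkg.manifestScripts) {
    if (!(script in pkg.files)) findings.push("missing-script " + script);
  }
  // 3. Env vars the docs rely on must be declared in the metadata.
  const documented: string[] = (pkg.files["SKILL.md"] || "").match(ENV_NAME) || [];
  const unique = documented.filter((v, i) => documented.indexOf(v) === i).sort();
  for (const v of unique) {
    if (pkg.declaredEnv.indexOf(v) === -1) findings.push("undeclared-env " + v);
  }
  return findings;
}

// Constructed sample mirroring the mismatches the scan describes.
const samplePackage: SkillPackage = {
  files: {
    "index.ts": 'const SCRIPT = "/Users/nico/.openclaw/workspace/skills/git-manager/scripts/git-manager";',
    "SKILL.md": "GIT_MANAGER_LOG, GIT_MANAGER_DRY_RUN, GIT_MANAGER_PROTECTED_BRANCHES",
    "skill.json": "{}",
  },
  manifestScripts: ["scripts/git_manager.py"],
  declaredEnv: [],
};

console.log(auditSkill(samplePackage).join("\n"));
```

An empty result means the three checks passed; it says nothing about what the shipped scripts do, which still needs a manual read.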
index.ts:36
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0

SKILL.md

Git Manager Skill

This skill safely executes common Git commands. It wraps the git CLI with additional safety checks and structured output.

Capabilities

  • status - Show working tree status
  • commit - Stage changes and commit (with message)
  • push - Push to remote
  • pull - Pull from remote (rebase or merge)
  • branch - Create, list, delete branches
  • checkout - Switch branches
  • merge - Merge branches
  • stash - Stash/apply changes
  • log - Show commit history
  • diff - Show changes

Safety Features

  • No force push by default (--force must be explicit)
  • Protected branches: Cannot delete or commit directly to main/master/production
  • Dry-run mode: Preview operations before execution
  • Auto-commit message quality check (LLM can improve messages)
  • All operations logged to ~/.openclaw/logs/git-manager.log
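
The protected-branch, explicit-force and dry-run rules above can be enforced before git is ever started. The following is an added TypeScript example, not the skill's own code (which the package does not include); `GitRequest`, `GitPlan`, `planGit` and the `origin` remote name are assumptions.

```typescript
// Added example, not the skill's code: map a request to a git argument
// vector while enforcing the safety features listed above.
interface GitRequest {
  action: "commit" | "push" | "delete-branch";
  branch: string;   // current branch for commit; target branch otherwise
  message?: string;
  force?: boolean;  // --force is added only when this is explicitly true
}
interface GitPlan { argv: string[]; dryRun: boolean; }
type Env = Record<string, string | undefined>;

function protectedBranches(env: Env): string[] {
  const raw = env["GIT_MANAGER_PROTECTED_BRANCHES"] || "main,master,production";
  return raw.split(",").map(s => s.trim()).filter(s => s.length > 0);
}

function planGit(req: GitRequest, env: Env): GitPlan {
  // Refuse names that git could parse as an option (leading "-").
  if (!/^[A-Za-z0-9][A-Za-z0-9._\/-]*$/.test(req.branch)) {
    throw new Error("invalid branch name");
  }
  const dryRun = env["GIT_MANAGER_DRY_RUN"] === "1";
  if (req.action === "push") {
    const argv = ["push"];
    if (req.force === true) argv.push("--force");
    // "origin" as the remote name is an assumption of this example.
    return { argv: argv.concat(["origin", req.branch]), dryRun };
  }
  // Commit and delete are blocked on protected branches.
  if (protectedBranches(env).indexOf(req.branch) !== -1) {
    throw new Error("protected branch: " + req.branch);
  }
  if (req.action === "delete-branch") {
    return { argv: ["branch", "-d", req.branch], dryRun };
  }
  if (!req.message) throw new Error("commit message required");
  // The message stays a single argv element, so quotes, ";" and "$()"
  // inside it are never interpreted by a shell.
  return { argv: ["commit", "-m", req.message], dryRun };
}

// When dryRun is false, hand argv to child_process.execFile("git", argv,
// { cwd: repo }), which starts git directly without a shell.
console.log(planGit({ action: "push", branch: "feature-xyz" }, {}).argv.join(" "));
```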

When to Use

User says:

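  • "Check the Git status"
  • "Commit the code"
  • "Push to the remote repository"
  • "Pull the latest code"
  • "Create a new branch"
  • "Merge branches"
  • "View the commit history"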

Invocation

# Status
git-manager --action status --repo /path/to/repo

# Commit all changes
git-manager --action commit --repo /path/to/repo --message "feat: add user auth"

# Commit specific files
git-manager --action commit --repo /path/to/repo --files [file1,file2] --message "fix: bug in payment"

# Push
git-manager --action push --repo /path/to/repo --branch feature-xyz

# Pull
git-manager --action pull --repo /path/to/repo --branch main

# Create branch
git-manager --action branch --repo /path/to/repo --create new-branch --from main

# Checkout
git-manager --action checkout --repo /path/to/repo --branch feature-xyz

# Diff
git-manager --action diff --repo /path/to/repo --files [file1]

Output Format

JSON with fields:

  • success: boolean
  • output: string (raw git output)
  • error: string (if failed)
  • changed_files: array (for commit)
  • commit_sha: string (after commit)
  • branch: current branch

Example:

{
  "success": true,
  "action": "commit",
  "commit_sha": "abc123def",
  "changed_files": ["src/auth.py", "tests/test_auth.py"],
  "output": "[main abc123] feat: add user auth\n 2 files changed, 45 insertions(+)"
}

Configuration via Environment

  • GIT_MANAGER_LOG: path to activity log (default ~/.openclaw/logs/git-manager.log)
  • GIT_MANAGER_DRY_RUN: set "1" to default to dry-run
  • GIT_MANAGER_PROTECTED_BRANCHES: comma-separated list (default main,master,production)

Integration with OpenClaw

When used from a developer role session:

  • Automatically respects the session's cwd as the repo if --repo not provided
  • Can chain operations: status -> commit -> push in one go
  • Suggests commit messages based on git diff (if --message is omitted)

Examples in OpenClaw Sessions

# Developer session
sessions_spawn(
  task="提交刚才修改的登录页面样式",
  config="configs/developer.yaml",
  attachments=[]
)
# The skill will: git add . && git commit -m "style: improve login page" && git push

Limitations

  • Does not handle merge conflicts automatically (requires human)
  • No interactive rebase (complex history edits)
  • Assumes standard Git flow (no custom hooks)
  • SSH keys must be pre-configured for push/pull

Troubleshooting

Issue | Check
Permission denied (publickey) | SSH agent running? ssh-add -l
Not a git repository | --repo path correct?
Branch protected | Cannot commit to main; create feature branch first
Merge conflict | Resolve manually; skill only detects conflict

Future Enhancements

  • PR creation via GitHub CLI (gh pr create)
  • Auto-version bump based on commit messages (semantic-release)
  • Branch cleanup (delete merged branches)

Files

4 total