Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Git Auto
v1.0.0
Git workspace automation (status/commit/push/log/diff)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill name and description claim multi-repo scans, conventional-commit generation/validation, branch-protection and conflict checks, and a force-push confirmation flow. The included run.sh implements only a single-workspace script that cd's to $WORKSPACE and supports basic status/commit/push/log/diff actions. Several claimed features (multi-repo, detailed message generation/validation, conflict detection, force-push confirmation) are not implemented in run.sh — the capability claims exceed the actual code.
Instruction Scope
SKILL.md promises safety checks and sensitive-file protections, but run.sh will run git add -A and git commit -m with automatically generated messages and then git push origin <branch> with no checks for .env/.secrets, no conflict verification, and no --force confirmation handling. The script also relies on a WORKSPACE path (defaulting to $HOME/.openclaw/workspace) and blindly operates there, which could cause unintended commits/pushes if that directory contains important repos or sensitive files.
Install Mechanism
Instruction-only with a small shell script included; there is no install spec and there are no external downloads. Nothing is written to disk by an installer step beyond the provided files.
Credentials
The skill declares no required env vars or credentials, which is consistent. However, run.sh uses $WORKSPACE (defaulting to $HOME/.openclaw/workspace) and will invoke git push, which will use whatever local git credentials/config are present. That implicit use of the user's git credentials is expected for a git tool but is worth noting because pushes will act with the agent's Git identity and auth.
Persistence & Privilege
The skill does not request always:true, has no install actions that modify other skills or system-wide settings, and is user-invocable only by default. It does perform repository writes (add/commit/push) when run, which is normal for a git utility but means it can change user repos when invoked.
What to consider before installing
This skill is coherent with a git automation tool, but its documentation over-promises and the script will automatically stage (git add -A), commit, and push without the safety checks promised in the docs. Before installing/using:
(1) inspect run.sh yourself and test it in a throwaway repo;
(2) set WORKSPACE explicitly to a safe test directory (do not rely on the default);
(3) be aware it will use your local git credentials to push;
(4) avoid running it in repos that might contain secrets (.env, .secrets) because the script does not actually block or scan for them;
(5) if you need the promised safety checks (conflict detection, force-push confirmation, multi-repo behavior), request or implement those features before using it on important repositories.
Like a lobster shell, security has layers — review code before you run it.
