Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Github Push
v0.1.0Secure GitHub push automation with auto SSH and remote config. Use when git push, automated push, or conflict handling needed.
⭐ 0· 297·4 current·4 all-time
byNima Chu@nimachu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's stated goal—automating secure GitHub pushes—generally matches the included code (git commands, ssh-add, remote handling). However there are mismatches: the code claims to "auto-create repo" yet contains no GitHub API calls or credential requirements to create repositories remotely. Also the code re-initializes repositories (removes .git) which is not an expected or benign action for a "safe" push tool and can destroy history.
Instruction Scope
Runtime instructions and the script direct the agent to inspect and modify user SSH state (~/.ssh, ssh-add), manipulate git metadata (init, remove .git), stage/commit/force-push, and auto-resolve conflicts by rebasing and forcing. These go beyond merely calling 'git push' and include destructive operations (deleting .git) and powerful actions (git push -f) that can alter or erase repository history without an explicit, well-scoped user confirmation.
Install Mechanism
No external install mechanism is declared and the skill is delivered as source files (script present). That lowers supply-chain download risk. However this also means the code will run locally with whatever privileges the agent or user grants, so inspect the scripts before running.
Credentials
The skill requests no environment variables, which is consistent with it relying on SSH-based auth. It nevertheless auto-inspects and attempts to load keys from ~/.ssh and invokes 'ssh-add', which accesses private keys and the user's ssh-agent: reasonable for pushing via SSH but sensitive. The lack of any GitHub token or API credential is inconsistent with the claim to auto-create remote repositories.
Persistence & Privilege
always:false (good). However the skill performs filesystem operations with significant side effects (deleting the .git directory, re-initializing repos, force-pushing). Those are persistent, privileged modifications to a user's repository and could cause data loss. The skill does not appear to modify other skills or agent configs, but its file-system actions are high-impact.
What to consider before installing
This skill does perform the task it advertises but has surprising and risky behavior. Before installing or running it: 1) Inspect the full scripts (especially github_upload.py) to confirm you accept the logic that deletes .git and performs forced pushes. 2) Never run on a production or important repository without a backup—create a copy of the repo first. 3) Prefer running with --dry-run and test in an isolated container or VM. 4) If you need automatic repository creation on GitHub, require a documented GitHub API/token flow—otherwise the "auto-create repo" claim is misleading. 5) If you cannot audit the code, avoid giving it access to your real SSH keys or run it with a throwaway key/account. If you want, I can list the exact code locations (functions/lines) that delete .git, call ssh-add, and perform force-push so you can review them directly.Like a lobster shell, security has layers — review code before you run it.
latestvk9735vbakwp6tc7qhmzy79mye182fakj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.