Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Changelog
v1.0.1 · Advanced handling for agent-changelog requests (history, diffs, restores, rollbacks, snapshots) using git and OpenClaw scripts with clear, user-focused summa...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description request git/jq/node and workspace/config env vars — all of which the included scripts and hooks actually use. The skill reads/writes workspace files, stages and commits tracked files, and optionally pushes to a remote; these are expected for a changelog/rollback tool.
Instruction Scope
SKILL.md and scripts instruct the agent to install hooks, read/write .version-context and pending_commits.jsonl, edit .agent-changelog.json and .gitignore, and to run shell scripts for status/log/diff/restore/rollback/commit. These are in-scope for the purpose, but the skill will modify OpenClaw config and register a cron — actions that affect the platform and run autonomously on events/cron.
Install Mechanism
No external downloads or obscure package installs; setup.sh copies included files into the workspace and uses the openclaw CLI (if available) to enable hooks and register a cron. This is a typical local install mechanism and not high-risk by itself.
Credentials
Declared env vars (OPENCLAW_WORKSPACE, OPENCLAW_CONFIG) are exactly what the scripts use. No unrelated credentials or secret environment variables are requested. The skill does rely on HOME and standard CLI tools, which is expected.
Persistence & Privilege
always:false. The setup script enables hooks and attempts to modify the OpenClaw config and register a cron to run commit.sh every 10 minutes, giving persistent behavior within the platform. This is justified for automated batching but increases the blast radius (automatic commits/pushes).
Assessment
This skill appears to do what it says (auto-capture, staged commits, diffs, restores, rollbacks). Before installing:
1) Inspect the included scripts (setup.sh, commit.sh, restore.sh, rollback.sh) to verify behavior.
2) Review or create a robust .gitignore and consider narrowing .agent-changelog.json tracked list (it defaults to '.') to avoid committing secrets or large runtime files.
3) Be aware setup will try to edit your OPENCLAW_CONFIG and register a cron to run every 10 minutes; if you already have a git remote configured, commits may be pushed automatically — audit the remote and your workspace before enabling.
4) If you prefer manual control, skip the cron/auto-enable steps in setup and run commits manually.
If you'd like, I can point out the exact lines in setup.sh and commit.sh that enable cron, modify config, stage files, and push so you can review them.
hooks/agent-changelog-commit/handler.ts:14
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
latest vk975t5g489g2s523fv641kgfn584sc32
Runtime requirements
Bins: git, jq, node
Env: OPENCLAW_WORKSPACE, OPENCLAW_CONFIG
