ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Git Changelog

v1.0.0

Auto-generate beautiful changelogs from git history, grouped by conventional commit types

0· 883·2 current·3 all-time
by@fratua
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the runtime instructions: all required actions are git operations and local file output (CHANGELOG.md). No unexplained credentials, binaries, or external services are requested.
Instruction Scope
SKILL.md only instructs the agent to run git commands, parse commit messages, detect breaking changes, and optionally write/append CHANGELOG.md in the repo root. It does not instruct reading unrelated files, contacting external endpoints, or accessing credentials.
Install Mechanism
Instruction-only skill with no install steps, downloads, or code to install—lowest-risk model for this purpose.
Credentials
No environment variables, credentials, or config paths are requested. The actions operate on the local git repository only, which is proportionate to the stated function.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide changes. It may write/append to CHANGELOG.md in the project, which is appropriate for a changelog generator.
Assessment
This skill appears to do exactly what it says: run git commands, group commits by conventional-commit types, and produce/append a CHANGELOG.md. Before using it, run it in a local git clone (not on a sensitive production tree), review the generated changelog before committing, and ensure you are comfortable with the agent writing to CHANGELOG.md. If you use unconventional commit messages or have a monorepo, test the commands manually first to confirm the output meets your expectations.

Like a lobster shell, security has layers — review code before you run it.

latestvk977zrftcgcstpag52mh2b1v6d817s3f

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments