git-dirty-check

v1.0.0

Read-only triage for a local git working tree that summarizes uncommitted changes and applies conservative risk flags. Use when a user asks what changed in a...

⭐ 0· 77·0 current·0 all-time

by@amitb-quantum

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for amitb-quantum/git-dirty-check.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "git-dirty-check" (amitb-quantum/git-dirty-check) from ClawHub.
Skill page: https://clawhub.ai/amitb-quantum/git-dirty-check
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install git-dirty-check

ClawHub CLI

Package manager switcher

npx clawhub@latest install git-dirty-check

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

Name, description, and runtime instructions align: the skill only needs local git read operations to produce the stated triage. It declares no binaries, env vars, or installs beyond using standard git commands, which is appropriate for the described function.

ℹ

Instruction Scope

Instructions stay narrowly scoped to reading repo state (git rev-parse, status, diff --stat) and limit deep diff inspection (max 3 files, 40 lines each). One area to note: secret detection is filename-pattern based only, and deep-diff inspection is discretionary when filename/stat data are 'insufficient' — this gives the agent limited judgment authority to open some diffs, so review the exact caps and filename rules if you need stricter guarantees.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files, so nothing is written to disk or fetched. This is the lowest-risk install posture.

✓

Credentials

The skill requires no credentials or environment variables. The requested access (local read of the git repo) is proportional to its stated purpose.

✓

Persistence & Privilege

The skill is not always-enabled and does not request elevated or persistent privileges. Autonomous invocation is permitted (platform default) but not combined with other red flags.

Assessment

This skill appears coherent and read-only, but it will run git commands and may inspect up to 3 files (40 lines each) when needed. Before enabling, ensure your repository does not contain secrets in filenames that don't match the listed secret patterns (since secret detection is filename-based only). If you require stricter guarantees, ask for an explicit policy that forbids any diff content inspection or reduce the deep-diff caps. Otherwise, it's safe to use for local triage so long as you trust the agent's local execution environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk9767ecwj84y4rrh0jkre06x7d84aw3s

77downloads

0stars

1versions

Updated 3w ago

v1.0.0

MIT-0

git-dirty-check

A narrow git skill for summarizing uncommitted changes in a local repository. It groups staged, unstaged, untracked, and conflicted entries, applies conservative path- and filename-based risk flags, and suggests up to three next checks without modifying repo state.

git-dirty-check is a deliberately narrow skill for one job: understanding the current uncommitted state of a local git repository.

It does not try to manage branches, write commit messages, resolve conflicts, review pull requests, or act as a general git assistant. Instead, it gives a compact, structured triage of the current working tree:

repo state
changed entries by category
conservative risk flags based mostly on paths, filenames, and diff stats
a few copy-paste-ready next checks
explicit omissions when details are capped or sensitive

The skill is read-only. It is designed for developers who want a quick operational summary before a commit, handoff, or local review, without granting write access or triggering broader repo assistance.

It also applies strict limits to deeper inspection:

fail fast if the target is not a git repo
branch metadata is optional
deep diff inspection is capped
secret-bearing filename patterns are handled at filename level only

This skill is most useful when raw git output is technically sufficient, but slower to parse than a stable triage summary.

Workflow

Confirm the target path is inside a git repository.
If it is not a git repository, stop immediately and say so.
Collect read-only repo state with git status and diff-stat commands.
Group changed entries into:
- staged
- unstaged
- untracked
- conflicted
Apply conservative risk flags based mostly on file paths and filenames.
Inspect diff content only when filename and diff-stat data are insufficient to assign a listed risk flag, and only for files not matched by the secret-bearing file rule.
Return the output in the fixed order defined below.

Commands to Prefer

Use read-only commands only.

Preferred commands:

git rev-parse --show-toplevel
git rev-parse --abbrev-ref HEAD
git status --short
git diff --stat
git diff --cached --stat

Use targeted diff inspection only under the deep diff inspection cap, and only for files not matched by the secret-bearing file rule.

Fail-Fast Rule

If the target path is not inside a git repository:

stop immediately
report that the path is not a git repository
do not continue with generic filesystem analysis

Branch Handling

Branch name is optional metadata only. If branch name is available from a preferred read-only command, include it in Repo state. If HEAD is unavailable or branch name lookup fails in an otherwise valid repo, omit branch metadata without error. Do not give branch advice.

Deep Diff Inspection Cap

Deep diff inspection is optional and must remain narrow.

Hard limits:

inspect at most 3 files
inspect at most 40 lines per file
never inspect secret-bearing files beyond filename-level detection

Use deep diff inspection only for files not matched by the secret-bearing file rule and only when filename and diff-stat data are insufficient to assign or decline a listed risk flag.

Secret-Bearing File Rule

Treat files matching these secret-bearing filename patterns as filename-level only.

Examples:

.env
.env.*
*.pem
*.key
id_rsa
id_ed25519
secrets.*

For these files:

do not inspect diff content
do not print values
report only that an entry matched a secret-bearing filename pattern

Conservative Risk Heuristics

Keep risk flags conservative and mostly path/file based.

Flag examples:

dependency manifest changed
lockfile changed
manifest changed without lockfile
lockfile changed without manifest
CI or workflow file changed
possible deploy or infrastructure file changed
possible auth or security-related file changed
possible migration or schema file changed
more than 10 unique paths changed
entry matched a secret-bearing filename pattern

Do not over-interpret. Avoid speculative impact claims.

Output Order

Always return sections in this exact order:

Repo state
Changed files by category
Risk flags
Suggested next checks
Unknowns or omitted detail

Output Guidance

Keep the response brief and structured.

1. Repo state

Include:

repo root
branch name only as optional metadata
counts of staged, unstaged, untracked, and conflicted files

2. Changed files by category

List entries under:

staged
unstaged
untracked
conflicted

List entries directly when there are 10 or fewer in a category. Otherwise list the first 10 and summarize the remainder.

3. Risk flags

List only conservative flags supported by filenames, paths, diff stats, or tightly capped non-sensitive diff samples.

4. Suggested next checks

Give 1 to 3 copy-paste-ready commands. Prefer read-only commands.

5. Unknowns or omitted detail

Say what was intentionally not inspected, such as:

diff content omitted due to caps
sensitive files not inspected beyond filename
large repo details summarized only

Boundaries

Never:

modify git state
stage, unstage, commit, stash, reset, checkout, merge, rebase, or push
write commit messages
provide branch strategy
expand into PR review or general git help
expose secret-looking values from diffs
use network operations

Stay narrow. This skill exists to answer: "What changed here, and which conservative risk flags apply?"

Trigger examples

“What changed in this repo?”
“Summarize my uncommitted changes.”
“What’s dirty here?”
“Give me a quick git change triage.”
“Before I commit, what changed and which risk flags apply?”
“Show staged vs unstaged vs untracked changes in this repo.”

Anti-trigger examples

“Write a commit message.”
“Help me resolve this merge conflict.”
“Review this PR.”
“Undo my last commit.”
“Clean up my branch.”
“Find the bug in this repo.”
“Refactor these files.”
“Explain git rebase.”

Limitations

Read-only only, no git state changes
Focused on current uncommitted state, not history
Risk flags are conservative and mostly path/file based
Secret detection uses filename patterns, not full secret scanning
Deep diff inspection is tightly capped
Summary usefulness depends on the clarity of repo file naming and layout
Not a replacement for full code review or git expertise

Safety notes

Uses read-only git commands only
Does not stage, unstage, commit, stash, reset, checkout, merge, rebase, or push
Does not use network operations
Fails fast on non-repo paths
Does not inspect secret-bearing files beyond filename-level detection
Avoids exposing secret-looking values from diffs
Keeps output scoped to triage, not general repo management

Comments

Loading comments...