Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Git Flow Helper
v1.0.0
Assist with Git branch management, merging, rebasing, cherry-picking, and cleaning merged branches for a smoother workflow.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, high confidence

Purpose & Capability
Name and description match the instructions and the JavaScript implementation: it runs Git operations (create-branch, merge, rebase, cherry-pick, clean-branches). Requiring no credentials or installs is consistent with a local Git helper.
Instruction Scope
SKILL.md and skill.yaml include destructive commands (e.g., piping to xargs git branch -d). The implementation constructs shell commands by directly interpolating user-supplied values into exec() calls, enabling shell injection and accidental deletion of branches. The merge implementation also uses a nonstandard 'git merge ${source} into ${target}' string which is incorrect and may cause unexpected behavior.
Install Mechanism
Instruction-only skill with no install spec or external downloads; nothing is written to disk by an installer. Lower risk from install mechanism.
Credentials
No environment variables, credentials, or config paths are requested — proportional to the stated Git helper purpose.
Persistence & Privilege
The skill is not always-enabled and doesn't request elevated persistence, which is good. However, because the implementation allows arbitrary shell execution (exec) and the agent may invoke the skill autonomously, the blast radius is larger if invoked with malicious or unexpected inputs.
What to consider before installing
This skill does what it claims (Git branch and merge helpers), but its implementation is risky: it builds shell commands with unsanitized user input and runs them (child process exec), and includes commands that delete branches. Before installing or enabling it, consider:
1) review and fix the implementation to avoid string-interpolated shell commands: use execFile/spawn with argument arrays or a Git library (libgit2), and validate/whitelist branch/commit names;
2) require explicit user confirmation for destructive actions (branch deletion, forced merges);
3) correct the incorrect merge syntax;
4) test in an isolated repository or non-production environment;
5) restrict autonomous invocation or add safeguards if the agent can run this skill without human approval.
If you are not comfortable reviewing/fixing the code, do not enable this skill on agents that have access to important repositories.

Like a lobster shell, security has layers: review code before you run it.
Tags: git · latest · version-control
