ClawHub

Sovereign Commit Craft

v1.0.0

Git commit message expert. Analyzes diffs to generate perfect conventional commits, changelogs, release notes, and PR descriptions. Enforces commit message b...

0· 448·1 current·1 all-time
by@ryudi84
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name, description, and functionality match: the skill is purely about analyzing diffs/commits and producing conventional commit messages, changelogs, release notes, and PR descriptions. It declares no binaries, env vars, installs, or credentials — which is appropriate for an instruction-only text-based helper.
Instruction Scope
SKILL.md directs the agent to analyze diffs, staged changes, and commit histories to generate messages. That is within scope, but it implicitly requires access to repository diffs/commit history or that the user pastes them; users should be aware this will examine repository content (which may include sensitive data in diffs/commits). The instructions do not reference unrelated system files, external endpoints, or extra credentials.
Install Mechanism
No install spec and no code files — lowest-risk model for installation. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. This is proportionate to its stated purpose.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The skill does not request persistent privileges or modify other skills' configs.
Scan Findings in Context
[no-code-files] expected: The scanner found no code files or regex hits because this is an instruction-only skill (SKILL.md, README, EXAMPLES). This is expected for a pure guidance skill.
Assessment
This skill appears internally consistent and appropriate for generating conventional commit messages and changelogs. Before installing, note that it will analyze diffs and commit history — ensure you only provide diffs/commits you want the agent to see (they can contain secrets). Because it's instruction-only, it doesn't require credentials or install anything, but confirm you trust the skill source (homepage links to a GitHub repo) and avoid granting the agent repository access to unrelated projects. If you plan to let the agent run autonomously against repositories, audit what repos it can access and avoid sharing sensitive or private diffs without review.

Like a lobster shell, security has layers — review code before you run it.

latestvk971hyaaxmjv3cwm71e14ca4q581q32j

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📝 Clawdis

Comments