Skill v1.0.0
ClawScan security
Repo Cleaner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict: Suspicious (Apr 29, 2026, 11:48 PM)
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: Instructions match a Git branch cleanup tool, but the skill omits declaring Git as a required binary, contains platform-specific commands (findstr) and some operational ambiguity (local vs remote, fetch/prune, dry-run), so review before use.
- Guidance: This skill appears to do what it says (identify and delete merged/stale branches) but there are a few red flags to consider before installing or running it:
  1) The SKILL.md assumes the git CLI is available but the skill metadata does not declare git as a required binary — ensure your environment has git and ask the author to declare it.
  2) The instructions contain a Windows-specific command (findstr); if you run on macOS/Linux, this will fail — request cross-platform variants (grep/awk) or OS-specific branches.
  3) The document is ambiguous about local vs remote context and does not mandate a safe dry-run step (e.g., use --no-commit/preview output or only simulate deletions). Ask for an explicit dry-run mode and explicit confirmation prompts before any 'git branch -D' or 'git push --delete'.
  4) Verify whether the runtime has credentials that allow pushing to remotes — deletions pushed upstream are destructive.
  5) Recommended improvements before trusting the skill: declare git as required binary, add 'git fetch --prune' and explicit dry-run steps, normalize platform commands, clearly state whether remote deletions will be performed and require separate confirmation for remote deletes, and list protected branch patterns more conservatively.
  If you cannot get those clarifications, run this skill only in a safe/test repository or with network/credential access disabled.
Review Dimensions
- Purpose & Capability
  - note: The SKILL.md describes a Git branch pruner and the steps/instructions are consistent with that purpose. However, the registry metadata lists no required binaries even though the instructions rely on the git CLI; that mismatch should be corrected. The SKILL.md also uses a Windows-specific "findstr" call which is inconsistent with having no OS restriction.
- Instruction Scope
  - note: Instructions explicitly list git commands to identify and delete branches and require user confirmation before deletion — appropriate scope for a repo-cleaner. Missing/sparse details: whether commands should run against a local working copy or operate via remote API, no explicit 'git fetch --prune' or dry-run guidance, and no handling of credentials or remote push failures. The presence of destructive commands (git branch -D, git push --delete) is explicit and requires careful UX safeguards.
- Install Mechanism
  - ok: Instruction-only skill with no install spec or code files; nothing is written to disk or downloaded. This is the lowest-risk install mechanism for this type of utility.
- Credentials
  - ok: No environment variables or credentials are requested, which is proportionate to an instruction-only git helper. Note: although the skill doesn't request credentials, running the described git push commands would require network access and appropriate git credentials/config in the runtime environment — users should be aware of that implicit dependency.
- Persistence & Privilege
  - ok: `always` is false and model invocation is allowed (platform default). The skill does not request elevated or persistent privileges or attempt to modify other skills or system-wide configs.
