ClawHub
Back to skill

Security audit

Git Pushing

Security checks across malware telemetry and agentic risk

Overview

This skill performs the Git workflow it advertises, but it can publish all current repository changes to a remote without a built-in review or confirmation step.

Install only if you are comfortable with an agent staging every current repository change and pushing it to the configured Git remote. Before using it, review `git status`, the diff, the current branch, and the `origin` URL, especially in public repositories or workspaces that may contain secrets or unrelated edits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation phrases are broad enough that ordinary conversation about saving or sharing work could trigger a stage/commit/push workflow without clear intent. In this context, unintended activation is dangerous because the skill stages all changes and publishes them to a remote, potentially exposing secrets, unfinished work, or unrelated modifications.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The usage criteria describe several ambiguous situations like completing a feature or wanting to share work, which do not clearly establish authorization to publish repository contents. Because this skill performs irreversible collaboration actions against a remote repository, vague invocation rules materially increase the chance of accidental commits and pushes.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The markdown does not warn that the workflow stages all changes and pushes them to a remote repository, omitting the most security-sensitive side effects. In a source-control context, this can cause accidental inclusion of secrets, environment files, unrelated edits, or sensitive code and then immediately publish them upstream.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.