git-commit-ai

Security checks across static analysis, malware telemetry, and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (system-prompt-override); human review is required before treating this skill as clean.

Before using this skill, review your staged diff for secrets or private data. The shell/Git usage is expected for this purpose, but run the optional Git hook installer only if you want a persistent commit reminder, and be careful with --force if your repository already has hooks. ClawScan detected prompt-injection indicators (system-prompt-override), so this skill requires review even though the model response was benign.

Static analysis

Dangerous exec

Severity: Critical
Finding: Shell command execution detected (child_process).

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill will run local Git commands and read staged changes from the current repository.

Why it was flagged

The skill executes local Git commands through child_process. The visible commands are fixed and purpose-aligned for locating the repository and reading staged diffs.

Skill content
return execSync('git rev-parse --show-toplevel', { encoding: 'utf-8' }).trim(); ... const diff = execSync('git diff --cached', {
Recommendation

Use it in repositories you trust, review what is staged before running it, and ensure Git is installed and available.

What this means

Private source changes or secrets in the staged diff may be processed by the AI model to generate the message.

Why it was flagged

The staged diff is intentionally used as AI context to generate the commit message. That context can include private code, comments, API paths, or accidentally staged secrets.

Skill content
1. **Get the Git diff** - read the contents of `git diff --cached` ... 4. **Generate the message** - use Claude AI to generate a detailed description
Recommendation

Run git diff --cached first, avoid staging secrets or sensitive files, and treat the generated message as a draft to review before committing.

What this means

If installed, a local hook will run whenever git commit is used in that repository; --force may replace an existing hook.

Why it was flagged

The skill can install a persistent Git hook. The documented hook is user-directed and only reminds the user, but it changes repository behavior on future commits.

Skill content
This creates a `prepare-commit-msg` hook in the `.git/hooks/` directory; every time `git commit` is run, it will remind you to use this tool to generate the commit message.
Recommendation

Only run --install if you want this behavior, avoid --force unless you have checked existing hooks, and remove .git/hooks/prepare-commit-msg if you no longer want it.