Skill v1.0.0

ClawScan security

git-commit-ai · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Mar 13, 2026, 5:17 AM)
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's code and instructions are coherent with its stated purpose (generate Angular-style commit messages from the staged git diff); it does not request unrelated credentials or perform unexpected network installs, but it does include model/system-prompt text that you should be aware of before use.
Guidance
This skill appears to do what it says: it reads your staged git diff, generates an Angular-style commit message, and can optionally install a local prepare-commit-msg hook. Before installing or running:
1) Review the generated hook content (the skill backs up existing hooks unless you use --force).
2) Confirm you are comfortable with the skill reading files in your repository (it reads package.json and optional config files in the repo root).
3) Note that SKILL.md includes explicit prompt instructions for the model — ensure your environment’s model invocation and policy enforcement are acceptable, since prompt text from skills can affect model outputs.
4) No API keys are requested by the skill; if a future version asks for external credentials (Claude API keys, etc.), treat that as a separate risk and verify why they are needed.
To uninstall the hook, remove .git/hooks/prepare-commit-msg or restore the backup the tool created.
Findings
[system-prompt-override] expected: The SKILL.md and index.js include system-prompt style instructions for the AI (e.g., '你是 Git commit message 生成助手...'). This is expected because the skill builds prompts for model generation; however static detectors flag this pattern because it can be used for prompt injection if misused.

Review Dimensions

Purpose & Capability
ok: Name/description match the implementation: the code reads the staged git diff, extracts context, supports language selection, and can install a prepare-commit-msg hook. There are no unrelated required binaries, env vars, or external installers requested.
Instruction Scope
note: SKILL.md and index.js instruct the agent to read git staged diffs, optional repo config (package.json or .gitcommitairc), and to optionally install a git hook — all within expected scope. SKILL.md and the code include explicit system-prompt style instructions (a system prompt for the AI to generate commit messages); a static scan flagged a 'system-prompt-override' pattern. That is expected for a tool that crafts prompts for a model, but be aware that platform-level prompt handling may treat skill prompts differently.
Install Mechanism
ok: No install spec that downloads arbitrary code. The skill is instruction+code only; it writes a local git hook under .git/hooks when run with --install, which is expected for this functionality. There are no external URL downloads or archive extractions.
Credentials
ok: The skill requests no environment variables or credentials. It mentions using 'Claude AI' in docs but does not require external API keys in the code; presumably it relies on the host/agent model invocation capabilities. No unrelated secrets are requested.
Persistence & Privilege
ok: The skill is not always-enabled and does not modify other skills or system-wide settings. The only persistent change it can make is installing a prepare-commit-msg hook in the repository (done only when the user runs --install, and the code backs up existing hooks unless --force is used).