Skill v1.0.0

ClawScan security

git-hub-issus · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 10, 2026, 3:46 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
This is an instruction-only Git helper consistent with its stated purpose; it requests no credentials or installs and contains only local git commands, though it includes a few minor inconsistencies and exposures you should be aware of.
Guidance
This skill is an instruction-only Git helper and is internally coherent, but review the following before installing or invoking it: (1) Ensure git is available on your system — the SKILL.md assumes git but the skill doesn't declare it as required. (2) The file lists specific local project paths and a GitHub username — verify these aren't sensitive for you and be cautious that an agent executing commands could operate on local repositories. (3) The skill references potentially destructive commands (rebase, reset, force-push); the document says to ask first, so require explicit confirmation before allowing the skill or agent to run such commands. (4) If you plan to use the referenced github/gitlab skills for PR/MR creation, those other skills will likely need credentials — check their requirements separately. If you want stricter safety, only invoke this skill interactively (not autonomously) and review any generated commands before execution.

Review Dimensions

Purpose & Capability
note: The skill's name, description, and instructions all describe local Git operations and the provided commands match that purpose. Minor mismatch: the skill does not declare that the git binary is required even though all runtime examples assume git is available.
Instruction Scope
note: Instructions are limited to common git commands and branch/commit workflow. Two items to note: (1) the SKILL.md contains hard-coded local project paths and a GitHub username (possible PII or environment-specific data) which are informational but could confuse an agent into operating on those paths; (2) the instructions tell the agent to run potentially destructive commands (e.g., rebase, reset, force push guidance) but do explicitly advise asking the user before destructive operations.
Install Mechanism
ok: No install spec and no code files — lowest-risk delivery. Nothing will be written to disk by the skill itself.
Credentials
ok: The skill requests no environment variables or credentials. This is proportionate to a local git operations helper. Note: the SKILL.md references other skills (github, gitlab-ops) which, if used, may require separate credentials.
Persistence & Privilege
ok: The skill is not always-enabled and does not request system or cross-skill configuration changes. Normal autonomous invocation is allowed (platform default) but not escalated by this skill.