Git Summary
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: Developer: Version: Description: OpenClaw Agent Skill The skill bundle is benign, providing a summary of a local Git repository using standard `git` commands. All commands specified in `SKILL.md` are directly related to the stated purpose and do not exhibit any signs of data exfiltration, malicious execution, persistence, or prompt injection attempts. Furthermore, the `SKILL.md` includes a positive security instruction to the agent to avoid exposing sensitive information like tokens in URLs.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent will inspect and report local repository information, but the listed commands do not modify the repository.
The skill asks the agent to run terminal Git commands. They are read-only and directly support the stated repository-summary purpose.
use the terminal to run the following commands ... `git status --short --branch` ... `git log --oneline -10 --decorate` ... `git branch -a --list` ... `git remote -v`
Install if you are comfortable with the agent reading and summarizing the current repository state.
A summary could reveal private repository remote URLs unless sensitive parts are redacted.
Remote URLs can sometimes contain embedded tokens or private repository locations. The artifact acknowledges this and instructs redaction if tokens are present.
Run `git remote -v` to show configured remotes ... Always respect that some information may be sensitive - don't expose full URLs if they contain tokens.
Review output before sharing it, especially remote URLs and branch names, and ensure any embedded tokens are redacted.