Is git-workflows safe?
https://clawhub.ai/gitgoodordietrying/git-workflows
The git-workflows skill is a comprehensive, well-structured reference guide for advanced git operations. It contains no malicious content, no hidden instructions, no exfiltration attempts, and no executable code beyond documentation examples. The skill is purely educational and poses minimal security risk. Minor concerns are limited to inherently destructive git commands being documented (which is the skill's purpose) and one example that writes a temp file to /tmp.
Findings (4)
LOW Global git config modification in examples -5
The rerere section instructs git config --global rerere.enabled true, which modifies the user's global git configuration. While this is a legitimate and commonly recommended git setting, it changes persistent system state beyond the current repository.
LOW Bisect example writes executable to /tmp -5
The automated bisect section demonstrates writing a shell script to /tmp and executing it. If the agent follows this example literally, it creates and runs an executable file outside the project directory. The example itself is benign (runs npm test) but establishes a pattern of writing to /tmp.
INFO Destructive git commands documented as standard practice -5
The skill documents inherently destructive git operations (reset --hard, stash clear, rm -rf .git/modules/, rebase which rewrites history). These are legitimate advanced git operations but could cause data loss if misapplied. The skill appropriately includes safety tips (e.g., 'Never rebase commits that have been pushed to a shared branch').
INFO Co-located voice-wake-say skill in test directory -10
A separate voice-wake-say skill exists in the same skill-under-test directory. It is not part of git-workflows and was not installed with it. It instructs the agent to run macOS say commands via Bash when voice input is detected. This is a separate skill with its own scope and does not interact with git-workflows.