Is marian2js/gitclaw safe?
https://github.com/openclaw/skills/tree/main/skills/marian2js/gitclaw
GitClaw is a backup skill that automatically commits and pushes workspace data to GitHub repositories. Its purpose is legitimate, but it exposes data by pushing whatever sits in the workspace, including anything sensitive, to an external repository, and it reduces user oversight: it installs software and a cron job on its own initiative and tells the agent to work automatically and quietly.
Findings (5)
HIGH Automatic Data Backup to External Repository -20
The skill installs a cron job that commits and pushes every file in the workspace to a GitHub repository once an hour. Whatever the agent has written or downloaded into the workspace goes with it: .env files, API keys and tokens, customer data, conversation logs. Once pushed, that data lives in the repository's history on GitHub; deleting a file in a later commit does not remove it, and if the target repository is public, or is made public later, it is exposed to everyone. Before enabling the skill, confirm that the target repository is private, that secrets are excluded from what gets committed, and that the workspace holds no credentials.
MEDIUM Unauthorized System Modifications -25
During setup the skill installs system packages (git, the GitHub CLI and cron) and edits the user's crontab without asking for confirmation of each step. Package installation normally requires root or sudo, so the agent ends up running privileged commands on its own initiative.
MEDIUM Reduced User Oversight -15
The skill instructs the agent to 'do everything automatically and quietly'. That directive suppresses the confirmations and progress reports a user would rely on to notice what is being installed and what is being pushed, and it overrides any preference the user has expressed for transparency and consent.
MEDIUM Persistent Background Operations -25
The installed cron job runs indefinitely, pushing the workspace every hour whether or not the user is still using the skill or the agent at all. Removing the skill's files does not by itself remove the cron entry; it has to be found with crontab -l and deleted.
LOW Shell Script Creation and Execution -15
The skill writes a shell script, marks it executable and runs it to carry out the git operations. If that script expands workspace paths unquoted, or hands file names to git without a terminating --, a file whose name starts with a dash or contains shell metacharacters can change what the commands do. A .git directory already present in the workspace is a second route: hooks, or a core.hooksPath setting in its config, run code whenever the script commits.