Trusted — Risk Score 5/100
Last scan: 1 day ago
git-sync
Manage whitelisted git repositories from chat. Status, log, diff, pull, push with security controls — only approved repos, write commands need confirmation.
A straightforward, well-structured git management script with a proper repo whitelist, read/write command separation, and confirmation guards — no hidden or suspicious behavior detected.
Skill Name: git-sync
Duration: 33.0s
Engine: pi
Safe to install
Approve for use. The skill performs exactly as documented: whitelisted git operations with appropriate confirmation guards for write commands.

Findings: 1 item

Severity: Low
Finding: Minor doc-code mismatch on merge command (Doc Mismatch)
Location: SKILL.md:4 — "NOT for: arbitrary git repos, destructive operations (clean, reset --hard)."
SKILL.md lists merge as blocked/unsafe under 'NOT for:', but the code treats merge as a WRITE_COMMAND (requires --confirm): merge is gated, not blocked outright. This is a documentation imprecision with no security impact.
→ Update SKILL.md to state that merge is a write command requiring --confirm, rather than listing it under 'NOT for' destructive operations.
Resource      Declared  Inferred  Status     Evidence
Filesystem    READ      READ      ✓ Aligned  scripts/git_ctrl.py:58 — reads repo directory via os.path.isdir()
Shell         WRITE     WRITE     ✓ Aligned  scripts/git_ctrl.py:51 — subprocess.run() for git -C <path> <args>
Network       NONE      NONE                 No network calls in the script itself; fetch/pull/push do contact the repo's configured remotes, but only through the local git binary
Environment   NONE      NONE                 No os.environ iteration — only os.path.expanduser for hardcoded paths
Skill Invoke  NONE      NONE                 No skill invocation detected
Clipboard     NONE      NONE                 No clipboard access
Browser       NONE      NONE                 No browser access
Database      NONE      NONE                 No database access

File Tree

2 files · 8.3 KB · 240 lines
Python: 1 file · 183 lines · Markdown: 1 file · 57 lines
├─ 📁 scripts
│ └─ 🐍 git_ctrl.py Python 183L · 6.7 KB
└─ 📝 SKILL.md Markdown 57L · 1.6 KB

Security Positives

✓ Repo whitelist is enforced: only thesis and polito repos are accessible
✓ Write commands (pull, push, checkout, reset, merge, rebase) require explicit --confirm flag
✓ subprocess.run() is called with an argument list (no shell=True), so shell metacharacter injection is not possible; list form alone does not constrain git's own option parsing, which is what the command whitelist is for
✓ No credential harvesting or environment variable iteration for secrets
✓ No network requests made by the script itself — fetch/pull/push reach the repo's configured remotes only through the local git binary
✓ No obfuscation techniques (base64, eval, encoded strings)
✓ No data exfiltration — output is printed to stdout, not sent anywhere
✓ SKILL.md accurately describes the tool's purpose, triggers, and security model
✓ Timeout protection (30s default, 60s for fetch/pull/push) prevents runaway processes
✓ Command choices are properly validated against READ_COMMANDS and WRITE_COMMANDS sets
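
As an added illustration of the policy the scan describes (repo whitelist, READ/WRITE command split, --confirm gate, list-form subprocess.run, per-command timeouts), here is a minimal dispatcher in the same style. It is example code written for this page, not the skill's own scripts/git_ctrl.py; the repo paths, the exact command sets, the PolicyError type and the destructive-argument filter are assumptions. The filter also shows the distinction the Low finding above asks the docs to make: the SKILL.md 'NOT for' items (clean, reset --hard) are refused outright, while merge stays a gated write command.

```python
"""Whitelisted git dispatcher in the style the scan describes.

Example code written for this page, not the git-sync skill's own
scripts/git_ctrl.py. Repo paths, command sets, the PolicyError type and the
destructive-argument filter are assumptions made for illustration.
"""
import os
import subprocess
from typing import Optional, Sequence

# Assumed whitelist: the scan names "thesis" and "polito" as the only
# reachable repos; these paths are placeholders.
REPOS = {
    "thesis": os.path.expanduser("~/repos/thesis"),
    "polito": os.path.expanduser("~/repos/polito"),
}

# Read-only subcommands run without confirmation; write subcommands need it.
READ_COMMANDS = {"status", "log", "diff", "branch", "fetch"}
WRITE_COMMANDS = {"pull", "push", "checkout", "reset", "merge", "rebase"}

# Remote operations get the longer timeout the scan reports (60s vs 30s).
REMOTE_COMMANDS = {"fetch", "pull", "push"}

# Refused outright (assumed hardening): flags that turn a gated write command
# into a destructive one, matching the SKILL.md "NOT for" item reset --hard.
DESTRUCTIVE_ARGS = {"--hard", "--force", "-f", "--force-with-lease"}


class PolicyError(ValueError):
    """A request violated the whitelist or the confirmation policy."""


def timeout_for(cmd: str) -> int:
    """30s default, 60s for operations that talk to a remote."""
    return 60 if cmd in REMOTE_COMMANDS else 30


def policy_violation(repo: str, cmd: str, args: Sequence[str] = (),
                     confirm: bool = False) -> Optional[str]:
    """Return the reason a request is refused, or None if it may run."""
    if repo not in REPOS:
        return f"repo {repo!r} is not whitelisted"
    if cmd in WRITE_COMMANDS:
        if not confirm:
            return f"{cmd!r} is a write command and needs --confirm"
    elif cmd not in READ_COMMANDS:
        # Anything outside both sets (e.g. clean) is blocked, not gated.
        return f"{cmd!r} is not an allowed git subcommand"
    for arg in args:
        if arg in DESTRUCTIVE_ARGS:
            return f"argument {arg!r} is destructive and is blocked"
        if cmd in REMOTE_COMMANDS and arg.startswith("-"):
            # List-form subprocess stops shell injection but not git's own
            # option parsing: fetch/pull accept --upload-pack=<program> and
            # push accepts --receive-pack=<program>. Refuse options here.
            return f"options are not accepted for {cmd!r}: {arg!r}"
    return None


def build_command(repo: str, cmd: str, args: Sequence[str] = (),
                  confirm: bool = False) -> list:
    """Validate the request and return the argv list (no shell involved)."""
    reason = policy_violation(repo, cmd, args, confirm)
    if reason is not None:
        raise PolicyError(reason)
    return ["git", "-C", REPOS[repo], cmd, *args]


def run(repo: str, cmd: str, args: Sequence[str] = (), confirm: bool = False):
    """Execute a validated request with the per-command timeout."""
    argv = build_command(repo, cmd, args, confirm)
    if not os.path.isdir(REPOS[repo]):
        raise PolicyError(f"repo path {REPOS[repo]} does not exist")
    proc = subprocess.run(argv, capture_output=True, text=True,
                          timeout=timeout_for(cmd), check=False)
    return proc.returncode, proc.stdout, proc.stderr


if __name__ == "__main__":
    # Constructed requests showing each policy outcome.
    for request in [("thesis", "status", (), False),
                    ("thesis", "merge", ("main",), False),
                    ("thesis", "merge", ("main",), True),
                    ("thesis", "reset", ("--hard",), True),
                    ("thesis", "clean", ("-fd",), True),
                    ("other", "status", (), False)]:
        print(request, "->", policy_violation(*request) or "allowed")
```

policy_violation is kept separate from build_command so the policy can be unit-tested without a git binary or the real repo directories present; run() is the only function that touches the filesystem or spawns a process.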