git-sync
Fail
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- Data Exfiltration (HIGH): The 'sync.sh' script executes 'git add .' followed by 'git push origin main'. This logic unconditionally stages all modified files in the '/home/crishaocredits/.openclaw/workspace' directory and transmits them to a remote repository. If the workspace contains sensitive data like credentials, private keys, or internal configuration that is not explicitly covered by a .gitignore file, this skill will exfiltrate that data.
- Indirect Prompt Injection (MEDIUM): As a tool that processes workspace data (which may originate from untrusted external sources) and has network write capabilities, this skill presents an injection surface. An attacker could place files in the workspace designed to be 'synced' to a repository they monitor, effectively using the agent as an exfiltration proxy.
- Command Execution (LOW): The skill executes shell commands via 'git'. While it uses standard practices, the reliance on an external shell script to manage repository state introduces a layer of execution that could be exploited if environment variables or the git configuration itself are compromised.
Recommendations
- AI detected serious security threats
Audit Metadata