skills/steipete/clawdis/gitcrawl/Gen Agent Trust Hub

gitcrawl

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gitcrawl binary and the gh (GitHub CLI) utility to perform local and remote issue management tasks.
  • [EXTERNAL_DOWNLOADS]: The command gitcrawl init --portable-store git@github.com:openclaw/gitcrawl-store.git downloads issue data and embeddings from a remote GitHub repository to set up the local environment.
  • [DATA_EXFILTRATION]: The skill connects to GitHub to sync thread data (gitcrawl sync) and fetch live PR/issue details (gh pr view, gh issue view). This is standard functionality for a GitHub triage tool and does not involve exfiltrating sensitive local files.
  • [PROMPT_INJECTION]: The agent ingests untrusted content from GitHub issue and PR bodies, which is a common surface for indirect prompt injection.
      • Ingestion points: Output from gitcrawl search, gitcrawl threads, and gh view commands in SKILL.md.
      • Boundary markers: The skill does not define explicit delimiters or warnings to ignore instructions within the retrieved data.
      • Capability inventory: The agent has the capability to execute shell commands using gitcrawl and gh.
      • Sanitization: No explicit sanitization or validation of the external content is implemented in the skill instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 03:51 PM