cleaner
Pass
Audited by Gen Agent Trust Hub on Jun 9, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_EXECUTION]: The skill provides a shell script (scripts/install-pre-push-hook.sh) that dynamically creates a Git pre-push hook. This script is generated from a hardcoded template and is used to automate the execution of the cleaning script before code is pushed to a remote repository.\n- [DATA_EXPOSURE_AND_EXFILTRATION]: The Node.js cleaning script (scripts/clean-repo.mjs) reads the content of repository files to identify potential secrets and credentials. This scanning process is performed locally to alert the user of sensitive data that should not be published; no data is exfiltrated to external services.\n- [PRIVILEGE_ESCALATION]: The hook installation script uses chmod +x to make the newly created pre-push hook executable. This is a necessary and standard step for configuring Git hooks and is confined to the specific hook file within the local .git directory.
Audit Metadata