Downloads: 607
Stars: 0
Active Installs: 1
Versions: 1
Install in OpenClaw
/install sovereign-git-commit-analyzer
Description
Analyzes git commit history to report commit frequency, top contributors, file changes, and commit message quality for development insights.
Usage Guidance
This skill is coherent and implements a local git-history analyzer. Before installing: (1) review scripts/analyze.sh yourself (it will execute git commands in the repository) and only run it in repositories you trust, (2) be aware it reads full commit metadata and file histories (no network calls were found), (3) verify the publisher/source if provenance matters — registry metadata was inconsistent (registry listed no homepage/source while skill.json contains homepage/repository URLs), and (4) run the script manually first (./scripts/analyze.sh ...) to confirm behavior in a controlled environment. If you need higher assurance, request a signed upstream release or confirm the repository URL in skill.json matches a trusted source.
Capability Analysis
Type: OpenClaw Skill
Name: sovereign-git-commit-analyzer
Version: 1.0.0
The skill's stated purpose of analyzing git commit history is benign. However, the `scripts/analyze.sh` script is vulnerable to shell injection. User-controlled inputs such as `--branch`, `--author`, `--since`, `--until`, and `--days` are directly interpolated into `git log` commands without proper sanitization or quoting. This allows for arbitrary command execution if a malicious string containing shell metacharacters is provided as an argument, posing a significant remote code execution risk. The `SKILL.md` does not contain any prompt injection attempts.
Capability Assessment
Purpose & Capability
The name/description describe commit-history analysis and the code (scripts/analyze.sh) implements exactly that: it runs git log and local text processing to compute commit frequency, contributors, heatmaps, and message quality. Required tools (git, bash, common Unix utilities) are appropriate for the stated purpose.
Instruction Scope
Runtime instructions and the script operate on the local repository via git commands and environment overrides (GCA_*). The script reads commit metadata and file histories only; it does not reference unrelated filesystem paths, external endpoints, or undeclared environment secrets. It will process the repository history in full (expected for this tool).
Install Mechanism
There is no network install spec; this is instruction-only with a bundled script. Nothing is downloaded or written automatically by an installer. Installation guidance is manual (copying into ~/.openclaw/skills and making the script executable), which is low risk.
Credentials
No credentials or sensitive environment variables are required. Optional env vars (GCA_*) are configuration-only. The skill.json lists the expected tools; SKILL.md also documents additional common Unix utilities (awk, sort, uniq, wc) which are reasonable and proportionate.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or global configuration. It can be invoked by the agent (default behavior), which is expected for a user-invocable analysis tool and not concerning on its own.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install sovereign-git-commit-analyzer
- After installation, invoke the skill by name or use /sovereign-git-commit-analyzer
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Frequently Asked Questions
What is Sovereign git-commit-analyzer?
Analyzes git commit history to report commit frequency, top contributors, file changes, and commit message quality for development insights. It is an AI Agent Skill for Claude Code / OpenClaw, with 607 downloads so far.
How do I install Sovereign git-commit-analyzer?
Run "/install sovereign-git-commit-analyzer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Sovereign git-commit-analyzer free?
Yes, Sovereign git-commit-analyzer is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Sovereign git-commit-analyzer support?
Sovereign git-commit-analyzer is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Sovereign git-commit-analyzer?
It is built and maintained by ryudi84 (@ryudi84); the current version is v1.0.0.