Git Push Skill
Review all unpushed commits, summarize them for the user, and push to the remote.
Steps
- •
Run these commands in parallel to understand the current state:
- •
git status(never use-uallflag) - •
git branch -vvto see tracking branch and ahead/behind status - •
git log @{u}..HEAD --onelineto list unpushed commits (if upstream exists) - •
git remote -vto confirm remote URL
- •
- •
Pre-push checks — Before pushing, verify:
- •There is at least one unpushed commit. If none, inform the user and stop.
- •The current branch tracks a remote branch. If not, suggest setting upstream with
git push -u origin <branch>. - •There are no uncommitted changes that the user might want to include. If there are, warn the user and ask if they want to commit first.
- •
Summarize unpushed commits — Show the user a clear summary:
- •Number of commits to push
- •List each commit (hash + message) in chronological order
- •The target remote and branch (e.g.,
origin/main)
- •
Security review — Scan the full diff of unpushed commits (
git diff @{u}..HEAD) for:- •API keys or tokens (e.g.
sk-,Bearer, hardcoded key strings) - •Database files (
*.db,*.sqlite,*.sqlite3) - •Personal portfolio data (real dollar amounts, account numbers)
- •Credential files (
.env,*.pem,*.p12,*.key,credentials.*) - •App Group container data or UserDefaults plist exports
- •Any file under
~/Library/Application Support/or~/Library/Group Containers/
If anything suspicious is found, BLOCK the push and warn the user with specifics.
- •API keys or tokens (e.g.
- •
Push — Execute the push:
- •Default:
git push - •If
$ARGUMENTSspecifies a remote/branch, use that (e.g.,git push origin feature-branch) - •If no upstream is set, use
git push -u origin <current-branch>
- •Default:
- •
Verify — Run
git statusandgit log --oneline -3to confirm the push succeeded and the branch is up to date with remote.
Rules
- •NEVER force push (
--force,-f,--force-with-lease) unless the user explicitly requests it - •NEVER push to
main/masterwith--forceeven if asked — warn the user instead - •NEVER use
--no-verify - •If the push fails due to rejected updates (remote has new commits), suggest
git pull --rebasefirst - •If the push fails for any other reason, show the error and suggest remediation
- •Always confirm the remote URL looks correct before pushing (guard against typos or unexpected remotes)