Changelog Curator
v1.0.0从变更记录、提交摘要或发布说明中整理对外 changelog,并区分用户价值与内部改动。;use for changelog, release-notes, docs workflows;do not use for 捏造未发布功能, 替代正式合规审批.
⭐ 0· 157·0 current·0 all-time
byvx:17605205782@52yuanchangxing
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's stated purpose is to curate changelogs from change lists/PR summaries and the bundle includes a Python script and templates that implement that. The script also supports directory audits and simple pattern scanning (e.g., headings extraction, CSV inspection, secret-like pattern detection). Those extra audit modes are plausible for assisting changelog generation from a repo, but are broader than the minimal 'changelog-only' functionality (it can read many file types in a provided directory).
Instruction Scope
SKILL.md instructs the agent to either produce output from templates/spec.json or (if environment permits) run scripts/run.py against a provided input path. The script will read files under the given path (various text file extensions) and can perform pattern scans for 'secret-like' strings. The instructions do not direct any external network calls, credential access, or unexpected endpoints; however, giving a repository/root path to the script will cause it to read many files, so inputs should be chosen deliberately to avoid exposing sensitive files.
Install Mechanism
No install spec — instruction-only with an included local Python script. Requires only python3 and standard library; nothing is downloaded or written to system paths during install.
Credentials
The skill requests no environment variables, no credentials, and no config paths. This is proportionate to the described functionality.
Persistence & Privilege
always is false and the skill is user-invocable. The skill can be invoked autonomously by the agent (platform default), but it does not request elevated or persistent privileges and does not modify other skills or system configurations.
Assessment
This skill appears to do what it says: it generates structured changelog drafts from supplied text or a supplied directory and includes a local Python script for auditing. Before running: (1) Inspect scripts/run.py yourself (it is readable and included). (2) Avoid pointing --input at root or large private directories — restrict input to the repo or files you intend to process to prevent accidental scanning of sensitive files. (3) Use --dry-run or run with example input first, and review generated drafts before publishing. (4) There's no network activity or credential access in the bundle, but still treat any inputs containing secrets or PII as sensitive and redact them before use.Like a lobster shell, security has layers — review code before you run it.
latestvk971g3a3kwdbsdrw0930gj65x1830qcy
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📝 Clawdis
OSmacOS · Linux · Windows
Binspython3