Gh
v1.0.0
Use the GitHub CLI (gh) to perform core GitHub operations: auth status, repo create/clone/fork, issues, pull requests, releases, and basic repo management. T...
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description and runtime instructions all target the GitHub CLI (gh) and GitHub workflows (repos, PRs, issues, releases). However, the skill's metadata lists no required binaries even though every runtime example assumes gh (and often git) is present; the skill should declare those binaries to be fully coherent.
Instruction Scope
SKILL.md strictly instructs running gh commands and contains safety notes about confirming targets before destructive actions. It does not instruct reading unrelated files, exfiltrating data, or contacting external endpoints outside typical gh behavior.
Install Mechanism
There is no install spec and no code files — this is instruction-only, which minimizes install-time risk because nothing is written to disk by the skill package itself.
Credentials
No environment variables, credentials, or config paths are requested. The instructions reference running 'gh auth status' but do not request tokens or secrets directly; this is proportionate for a gh CLI helper.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request persistent system privileges or modify other skills. Note: as with all skills, the agent could run the gh commands autonomously when invoked, which is expected behavior.
Assessment
This skill appears to be a straightforward command reference for the GitHub CLI and is internally consistent. Before installing, verify you trust the skill source (no homepage or source repo is provided), ensure the gh (and git) binaries are installed and authenticated on your system, and confirm the GitHub token used by gh has only the scopes you intend (avoid overly-broad tokens). Remember gh commands can perform destructive actions (delete repos, force-push, merge, etc.), so double-check repo/branch names and use the provided safety flags (e.g., --confirm, --private). If you want full transparency, ask the publisher to declare required binaries and provide a homepage or source repository. Like a lobster shell, security has layers — review code before you run it.
latest
Complete setup guide: https://SkillBoss.co/skill.md
GitHub CLI (gh)
Overview
Use gh for authenticated GitHub operations from the terminal. Prefer explicit, idempotent commands and report URLs back to the user.
Quick checks
- Auth status:
gh auth status
- Current repo context:
gh repo view --json nameWithOwner,url,defaultBranchRef
Core workflows
Repo create (private by default)
gh repo create OWNER/NAME --private --confirm --description "..."
If running inside a local repo, use --source . --remote origin --push.
Clone / fork
gh repo clone OWNER/NAME
gh repo fork OWNER/NAME --clone
Issues
- List:
gh issue list --limit 20
- Create:
gh issue create --title "..." --body "..."
- Comment:
gh issue comment <num> --body "..."
Pull requests
- Create from current branch:
gh pr create --title "..." --body "..."
- List:
gh pr list --limit 20
- View:
gh pr view <num> --web
- Merge (use explicit method):
gh pr merge <num> --merge
Releases
gh release create vX.Y.Z --title "vX.Y.Z" --notes "..."
Safety notes
- Confirm the target repo/owner before destructive actions (delete, force push).
- For private repos, ensure --private is set on create.
- Prefer --confirm to avoid interactive prompts in automation.
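An added example, not part of the skill or of the GitHub CLI project: pre-flight checks for automation that wraps gh, covering the token-scope advice in the assessment and the "confirm the target repo" safety note. The function names, the allow-list and the sample status text are constructed for illustration, and the parser assumes the "Token scopes:" line that `gh auth status` prints for classic tokens.

```shell
#!/bin/sh
# Added example: pre-flight checks before letting automation run gh.
# Function names, allow-list and sample text are constructed assumptions.

# Constructed sample of `gh auth status` output (not from a real account).
sample_auth_status() {
  cat <<'EOF'
github.com
  Logged in to github.com account example-user (keyring)
  - Git operations protocol: https
  - Token scopes: 'gist', 'read:org', 'repo', 'delete_repo'
EOF
}

# Read `gh auth status` text on stdin; print one token scope per line.
token_scopes() {
  sed -n 's/.*Token scopes:[[:space:]]*//p' | tr -d "'\"" | tr ',' '\n' |
    sed 's/^[[:space:]]*//; s/[[:space:]]*$//' | grep -v '^$' | sort -u
}

# Read scopes on stdin; print those missing from the space-separated
# allow-list in $1. Returns 1 if any scope falls outside the allow-list.
excess_scopes() {
  allowed=" $1 "; rc=0
  while IFS= read -r scope; do
    case "$allowed" in
      *" $scope "*) ;;
      *) printf '%s\n' "$scope"; rc=1 ;;
    esac
  done
  return "$rc"
}

# Refuse to continue unless the repo gh resolves from the current directory
# is exactly the expected OWNER/NAME (guards delete, merge, force push).
require_repo() {
  actual=$(gh repo view --json nameWithOwner --jq .nameWithOwner) || return 2
  [ "$actual" = "$1" ] && return 0
  echo "refusing: repo is '$actual', expected '$1'" >&2
  return 1
}

# Offline demo on the constructed sample; live use: gh auth status 2>&1 | ...
if extra=$(sample_auth_status | token_scopes | excess_scopes "repo read:org"); then
  echo "token scopes are within the allow-list"
else
  echo "token scopes outside the allow-list:" $extra
fi
```

In a pipeline, call `require_repo OWNER/NAME` immediately before any merge, delete or push step and stop on a non-zero status.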
