ClawHub

gitlab-commit-report

GitLab group push events collector and daily commit report generator

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 49 · 0 current installs · 0 all-time installs
by@bondli
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the implementation: the code uses Puppeteer to reuse a browser session, calls the Group activity endpoint, parses push events, deduplicates by commit id, writes JSON and Markdown reports to ~/openclaw-skill-data/gitlab-commit-report/. Dependencies in package.json (puppeteer/puppeteer-core, shared utilities) align with this purpose. Minor note: 'axios' appears in package.json but is unused in the distributed code.
Instruction Scope
SKILL.md and the code limit activity to visiting the configured GitLab group activity page, fetching its JSON/html via page.evaluate (fetch with credentials: 'include'), parsing push events, and storing them locally. However, the runtime requires connecting to an existing Chrome session (must be logged into GitLab). Reusing a browser session gives the running code the capability to access cookies, authenticated endpoints, and potentially other pages in that browser profile — so the actual exposure depends on the implementation of connectBrowser (provided by @bondli-skills/shared). The skill itself only fetches GitLab activity and does not send data to external endpoints.
Install Mechanism
There is no registry install spec (instruction-only skill in the registry), so nothing will be auto-downloaded by the platform. The bundle includes built JS files and package.json. If you install dependencies locally, Puppeteer may download Chromium during npm/pnpm install — that is normal but notable. No suspicious remote download URLs or archive extraction were present in the skill metadata.
Credentials
The skill declares no required environment variables or credentials. It uses the HOME environment variable to read/write files in the user's home directory and expects a local config.json with the GitLab URL and groupId. Not requesting API keys or unrelated credentials is proportionate. Be aware commit messages and other collected data are written to files under your home directory.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. It writes only to its own data directory under the user's HOME and does not modify other skills or system-wide agent configuration.
Assessment
This skill appears to do what it says: collect push events from a GitLab group and generate daily Markdown reports. Before installing or running it: - Understand browser access: it reuses an existing Chrome session (via @bondli-skills/shared's connectBrowser). Review that helper's code (not included here) to confirm it doesn't connect to remote websocket endpoints or expose more browser state than you intend. Reusing a logged-in browser profile gives the code access to any site cookies/pages in that profile. - Run in an isolated environment if you have privacy concerns (separate browser profile, container, or VM) so only the GitLab account is accessible to the skill. - Check config.json points to the intended GitLab instance (internal vs. public) and contains only the group path/name; no API keys are required. - Be aware collected data (commit messages, author names, commits) will be stored under ~/openclaw-skill-data/gitlab-commit-report/ — treat those files as potentially sensitive. - If you plan to npm/pnpm install dependencies, note Puppeteer may download Chromium; inspect package.json (e.g., unused axios) and consider auditing dependencies (notably @bondli-skills/shared) before use.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk975ng2g70q17a4s4b47rd77r983hnsj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

GitLab Commit Report

从 GitLab Group 的 activity 接口采集代码提交数据,支持分页拉取当天全量数据,并按需生成任意日期的提交日报。

What this skill does

This skill will:

  1. Connect to an existing Chrome browser session (with GitLab logged in)
  2. Call GitLab Group Activity API with pagination (/groups/:groupId/-/activity?limit=20&offset=N)
  3. Parse HTML response to extract push events: author, repository, commit id, commit message, timestamp
  4. Stop paginating when events older than today are encountered
  5. Merge new events into ~/openclaw-skill-data/gitlab-commit-report/YYYY-MM-DD.json with commit id deduplication
  6. On demand: aggregate statistics for any date and generate a Markdown report

Usage

When the user asks something like:

  • 采集 GitLab 今天的提交数据
  • 拉取今天的代码提交记录
  • 生成 GitLab 提交日报
  • 生成今天的代码提交报告
  • 生成某天的提交报告,比如 2026-03-18

Run:

# 采集今天的 push events(配合 cron 每小时执行)
node dist/index.js collect

# 生成今日日报
node dist/index.js report

# 生成指定日期日报
node dist/index.js report 2026-03-18

Output

The skill will generate:

~/openclaw-skill-data/gitlab-commit-report/YYYY-MM-DD.json    # 当天所有 push 事件原始数据(增量去重追加)
~/openclaw-skill-data/gitlab-commit-report/YYYY-MM-DD.md      # 指定日期提交日报

Configuration

Copy config.example.json to ~/openclaw-skill-data/gitlab-commit-report/config.json and fill in:

{
  "gitlabUrl": "https://git.corp.kuaishou.com",
  "groupId": "your-group-path",
  "groupName": "我的团队"
}

Report Content

  • 概览:提交总次数、活跃提交人数、涉及仓库数
  • Top 10 提交者排行
  • Top 5 活跃仓库排行

Files

14 total
Select a file
Select a file to preview.

Comments

Loading comments…