ClawHub

Git Workflow

v1.0.0

OpenClaw Git 工作流技能。 当用户提及以下任务时使用: - 提交代码或文档 - 推送到远程仓库 - 管理多个 Git 仓库 - 查看 Git 状态 核心能力: - 自动检测文件变更 - 自动生成提交信息 - 自动推送到远程仓库 - 多仓库管理

0· 1.1k·26 current·27 all-time
by@broommonk
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Git workflow, auto-detect changes, generate commit messages, push, multi-repo) match the manifest and SKILL.md. The declared dependency on git and the 'exec/read/write' requirement in skill.yaml are appropriate for executing git commands and modifying repository files.
Instruction Scope
SKILL.md only instructs standard git commands (git status, git diff, git add, git commit, git push) and troubleshooting. This stays within the stated purpose. Note: the instructions recommend 'git add .' and automatic push flows — these are powerful operations that can include sensitive files if present and will perform network pushes; consider requiring explicit user confirmation before committing/pushing.
Install Mechanism
No install spec and no code files — instruction-only skill. This minimizes risk because nothing is downloaded or written by an installer.
Credentials
The skill requests no environment variables or external credentials. The need for git and local filesystem access is proportionate to its stated function. Examples reference a workspace path (/root/.openclaw/workspace) — ensure the agent is allowed to operate only in intended directories.
Persistence & Privilege
always:false (not force-included). The skill requires exec/read/write permissions (to run git and modify repos), which is reasonable. Autonomous invocation (default) means the agent could run commits/pushes when triggered — this is expected but worth user attention.
Assessment
This skill appears to be what it says: an instruction-only Git automation helper that runs git commands. Before installing or enabling it: 1) Confirm the agent will only operate in repositories you expect (set workspace path and repo list); 2) Avoid automatic 'git add .' unless you trust there are no secrets in the repo (use .gitignore and review changes); 3) Prefer requiring explicit user confirmation before performing git commit and git push; 4) Ensure Git credentials (tokens/SSH keys) are stored and scoped appropriately — the skill does not request credentials, but it will use whatever credentials the agent environment has; 5) If you need stricter control, restrict the skill to read-only or interactive flows rather than automatic push.

Like a lobster shell, security has layers — review code before you run it.

automationvk97ce34m47k0t8jcmyyxphqz0n823jzhgitvk97ce34m47k0t8jcmyyxphqz0n823jzhlatestvk97ce34m47k0t8jcmyyxphqz0n823jzhworkflowvk97ce34m47k0t8jcmyyxphqz0n823jzh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments