Skill Releaser
v1.5.0
Release skills to ClawhHub through the full publication pipeline — auto-scaffolding, OPSEC scan, dual review (agent + user), force-push release, security sca...
⭐ 0 · 689 · 0 current · 0 all-time
by Chunhua Liao @chunhualiao
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious · medium confidence
Purpose & Capability
The skill's name and description align with the included scripts and SKILL.md: it scaffolds, validates, OPSEC-scans, stages and publishes skills. However, the registry metadata lists no required binaries, while the SKILL.md and README explicitly require the 'gh' CLI, the 'clawhub' CLI, shell/git access and a browser tool. That omission is an inconsistency: anyone releasing skills legitimately needs those CLIs and authenticated access, and the manifest should declare them.
Instruction Scope
Runtime instructions include broad automated behavior: create private staging repos without asking, stage and push before review, run parallel subagents for batches, silently retry and fix failures, and surface only two messages (batch review and delivery). The scripts also enforce a force-push/orphan-branch workflow that erases history. Those behaviors are plausible for a release tool, but the 'do not report intermediate steps' and 'do not ask' anti-patterns reduce transparency and could lead to unexpected network operations or destructive git actions if the user misunderstands the workflow or the agent mis-identifies a repo. The SKILL.md also delegates to a local refactory scanner path (/tmp/openclaw-knowledge/...), which may or may not exist and implies access to local tooling.
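The orphan-branch force-push is the step in this pipeline that does irreversible damage if the agent points it at the wrong repository. The following is an added example, not one of the skill's own scripts, of a guard that refuses to erase history and force-push unless the repo's `origin` URL is on an operator-controlled allowlist. The allowlist contents, the `example-org` remote, the temporary branch name and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not part of Skill Releaser): gate the destructive orphan-branch
# force-push behind an exact-match allowlist of remotes the operator controls.
set -eu

# Remotes this pipeline may force-push to, one per line. Constructed for the
# example; in practice read it from a config file the agent cannot edit.
RELEASE_REMOTE_ALLOWLIST='git@github.com:example-org/skill-releaser-staging.git
https://github.com/example-org/skill-releaser-staging.git'

# release_remote_allowed URL -> 0 if URL is exactly one allow-listed line, 1 otherwise.
# Exact whole-line match (-F -x) so a prefix such as "example-org/skill-releaser-staging"
# or a lookalike org name cannot slip through a substring or regex match.
release_remote_allowed() {
    url=$1
    [ -n "$url" ] || return 1
    printf '%s\n' "$RELEASE_REMOTE_ALLOWLIST" | grep -Fxq -- "$url"
}

# erase_history_and_force_push REPO_DIR BRANCH: the orphan-branch workflow the
# skill describes, run only after the repo's origin passes the guard.
erase_history_and_force_push() {
    repo=$1
    branch=$2
    origin=$(git -C "$repo" remote get-url origin)
    if ! release_remote_allowed "$origin"; then
        echo "refusing to force-push: origin '$origin' is not allow-listed" >&2
        return 1
    fi
    # New branch with no parents; the index (current tree) is kept as-is.
    git -C "$repo" checkout --orphan release-tmp
    git -C "$repo" add -A
    git -C "$repo" commit -q -m "Release: squashed history"
    # Replace the old branch with the single-commit one.
    git -C "$repo" branch -D "$branch"
    git -C "$repo" branch -m "$branch"
    # --force-with-lease still rewrites history, but aborts if someone else pushed
    # to the remote branch since this clone last fetched it.
    git -C "$repo" push --force-with-lease origin "$branch"
}
```

Run `erase_history_and_force_push /path/to/clone main` only against a disposable repo first, as item 2 of the pre-install checklist advises; the guard protects against a mis-identified remote, not against a correct remote whose history you did not actually want to discard.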
Install Mechanism
Instruction-only skill with no install spec and only small shell scripts included — lowest-risk install posture. Nothing is downloaded from external URLs and no archive extraction is present.
Credentials
skill.yml declares permissions that match the pipeline (exec git/gh/clawhub, filesystem read/write, browser, messaging). No environment variables are required in the registry metadata, yet the SKILL.md requires an authenticated 'gh' CLI and a 'clawhub' CLI — authentication generally implies secrets or credentials (GH auth session or token) even if not declared as env vars. The set of permissions is broad but proportionate to publishing tasks; the omission of required CLI/auth declarations in the registry metadata is the main proportionality issue to address.
Persistence & Privilege
always:false (good). The skill can be invoked autonomously (disable-model-invocation:false) and the SKILL.md expects the agent to spawn parallel subagents and perform network/git/browser operations autonomously — normal for a release pipeline but increases blast radius when combined with the silent auto-fix and force-push behavior. No request to persist or modify other skills' configs was found.
What to consider before installing
This skill appears to implement a coherent release pipeline, but check the following before installing:
1) The SKILL.md expects the 'gh' CLI (authenticated) and the 'clawhub' CLI, and the registry metadata does not declare these required binaries or credentials; make sure you can provide and control those credentials, and prefer a least-privilege account.
2) The pipeline will create repos, stage code, and eventually erase git history via an orphan branch plus force push; test in a disposable repo or org first to confirm it behaves as you expect.
3) The skill is designed to auto-fix failures, retry silently, and notify the user only twice (batch review and delivery); if you need step-by-step visibility, ask the maintainer to remove or change the 'do not report intermediate steps' policy.
4) Review the included scripts (validate-structure.sh, validate-release-content.sh, opsec-scan.sh) yourself, paying attention to the opsec scanner's delegation path (/tmp/openclaw-knowledge/...) and the fallback grep rules.
5) If you will permit autonomous runs or parallel subagents, restrict permissions (or use a dedicated CI/service account) and ensure the messaging channel used for approvals is secure.
If these items are acceptable or corrected (metadata updated to list required CLIs and credentials, and policies changed to increase transparency), the skill is reasonable for its stated purpose.
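Item 4 asks you to read the opsec scanner's fallback grep rules before trusting them. The following is an added example, not the skill's opsec-scan.sh, of what such a grep-based fallback looks like and how to check that it actually blocks a release: a small rule table, a scan function that fails when anything matches, and a constructed release tree with one clean skill and one that leaks. The rule names, regexes, sample files and function names are all assumptions made for this example.

```shell
#!/bin/sh
# Added example (not the skill's own script): a minimal grep-based OPSEC scan over a
# directory that is about to be published, plus a constructed tree to exercise it.
set -eu

# One rule per line: "<name> <extended-regex>". Deliberately simple fallback
# patterns; a real release gate would pair these with a maintained secret-pattern list.
OPSEC_RULES='aws_access_key AKIA[0-9A-Z]{16}
private_key_block -----BEGIN (RSA |EC |OPENSSH )?PRIVATE KEY-----
github_token gh[pousr]_[A-Za-z0-9]{36}
internal_hostname [a-z0-9.-]+\.(internal|corp|local)([^a-z0-9]|$)
home_path /(home|Users)/[A-Za-z0-9_.-]+/'

# opsec_scan DIR: prints "rule:file:line:text" for every hit.
# Returns 1 if anything matched (block the release), 0 if the tree is clean.
opsec_scan() {
    dir=$1
    hits=$(printf '%s\n' "$OPSEC_RULES" | while read -r name regex; do
        [ -n "$name" ] || continue
        # grep exits 1 on no match; the trailing sed keeps the pipeline status at 0.
        grep -rEn -e "$regex" -- "$dir" | sed "s|^|$name:|"
    done)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}

# make_sample_release DIR: constructed release tree with one clean skill and one
# that leaks an access key (the AWS documentation example key), a private key,
# an internal hostname and a home-directory path.
make_sample_release() {
    dir=$1
    mkdir -p "$dir/clean" "$dir/leaky"
    printf '%s\n' '# Clean skill' 'Runs gh and clawhub to publish.' > "$dir/clean/SKILL.md"
    printf '%s\n' 'AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE' \
        'Staging notes live on https://vault.internal/ui' \
        'Tested from /home/alice/skills/' > "$dir/leaky/notes.txt"
    printf '%s\n' '-----BEGIN OPENSSH PRIVATE KEY-----' 'b3BlbnNzaC1rZXktdjEAAAAA' \
        '-----END OPENSSH PRIVATE KEY-----' > "$dir/leaky/id_ed25519"
}
```

Wire `opsec_scan "$staging_dir" || exit 1` in before the stage-and-push step, so a hit stops the pipeline rather than being one of the failures it silently retries; and extend `OPSEC_RULES` with the hostnames, usernames and paths specific to your environment, since generic patterns will not know them.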
latest: vk971ay1s8pewzc6g0xg0g6p1bh81fv63
