ClawHub

Document Multiple Repository

v0.1.0

Gera documentação técnica consolidada para sistemas de software com múltiplos repositórios (frontend, backend, microservices, wikis). Use quando o usuário pedir documentação de multi-repo, visão de arquitetura consolidada, mapeamento de repositórios ou documentação a partir de vários repos locais.

0· 922·0 current·0 all-time
byDaniel Lélis Baggio@dannyxyz22
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to generate consolidated documentation from multiple locally-cloned repositories and its instructions only require scanning a provided ROOT_PATH, detecting git repos and wikis, and producing files under OUTPUT_PATH. There are no unrelated environment variables, binaries, or install steps required, so the requested capabilities match the stated purpose.
Instruction Scope
SKILL.md directs the agent to recursively scan ROOT_PATH for .git directories, classify repos, and extract README, build files, manifests, API routes, wiki pages, etc. This is appropriate for repository documentation, but the instructions do not include explicit safeguards: they may read configuration files or secrets that happen to live in the repositories (e.g., .env, config, private keys) and do not specify redaction, size limits, or exclude binary files. The skill also states 'Do not execute code' and 'Do not modify the original repositories', which constrain behavior, but enforcement depends on the host agent.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute. That is the lowest-risk install model: nothing is written to disk by the skill itself and no external downloads are requested.
Credentials
The skill declares no required environment variables, credentials, or config paths. That is proportionate to its purpose of reading local repositories. There are template examples that show API headers and tokens (placeholders), but the skill does not request those at runtime.
Persistence & Privilege
always:false and default model-invocation settings are used. The skill does not request persistent presence or elevated platform privileges, nor does it modify other skills or global agent settings according to the provided files.
Assessment
This skill appears coherent and does what it says: scan a user-specified folder of locally-cloned repositories and generate documentation. Before running it, explicitly choose a narrow ROOT_PATH (do not point it at / or your entire home directory) so it only examines intended projects. Expect it to read repository files including READMEs and config files—if those repos contain secrets (API keys, private certs, .env files), remove or move them before running or run the skill in an isolated environment. Confirm your agent enforces the 'Do not execute code' constraint and will not upload generated documentation to external services unless you instruct it to. If you need automatic redaction of secrets or PII, add that step to the workflow or pre-sanitize repositories. If you want extra assurance, test the skill on a copy of repositories that contains only non-sensitive data.

Like a lobster shell, security has layers — review code before you run it.

latestvk9752jx00rbhd36kewx6jxpqrh810ger

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments