ClawHub

Greptile

v1.0.1

Query, search, and manage repositories indexed by Greptile (AI codebase intelligence). Use when asking questions about a codebase, searching for code pattern...

0· 711·0 current·0 all-time
by@iahmadzain

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for iahmadzain/greptile.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Greptile" (iahmadzain/greptile) from ClawHub.
Skill page: https://clawhub.ai/iahmadzain/greptile
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: GREPTILE_TOKEN, GITHUB_TOKEN
Required binaries: curl, jq, gh
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install iahmadzain/greptile

ClawHub CLI

Package manager switcher

npx clawhub@latest install greptile
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description match the included script and instructions: the skill queries and manages Greptile-indexed repos and requires a GREPTILE_TOKEN plus a GitHub/GitLab token. Asking for a Git host token is plausible because the script forwards it to the Greptile API so Greptile can access private repos. However the package has no homepage/source and the publisher identity is unknown, which reduces provenance confidence.
Instruction Scope
SKILL.md confines runtime actions to calling scripts/greptile.sh which performs API calls (index/status/query/search) against https://api.greptile.com/v2. The instructions do not attempt to read unrelated files or exfiltrate arbitrary local data. They do, however, instruct the wrapper to obtain a GitHub token via 'gh auth token' if an env var is not provided (this reads local gh CLI auth state).
Install Mechanism
No install spec — instruction-only plus a small script shipped with the skill. Nothing is downloaded or written to disk during installation by the registry, so install risk is low.
!
Credentials
The script requires GREPTILE_TOKEN and a Git host token (GITHUB_TOKEN or GREPTILE_GITHUB_TOKEN) and forwards the Git token to api.greptile.com via the 'X-GitHub-Token' header. Sending your GitHub PAT to a third-party API is a high-privilege action; it may be justified for indexing private repos, but you should only provide a minimal-scope token and only if you trust greptile.com. The script also attempts to call 'gh auth token' (reads local gh CLI credentials) — GH CLI access is declared as a required binary, but the script uses python3 for URL quoting while python3 is not listed in the declared required binaries (runtime mismatch).
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide modifications. It does not modify other skills or system settings.
What to consider before installing
This skill appears to implement the Greptile API as advertised, but it requires you to provide or allow access to a Git host token which the wrapper will forward to api.greptile.com. Only proceed if you trust that third-party service. If you decide to use it: (1) create a GitHub PAT with the minimum scopes needed (avoid using a personal/all-access token), (2) avoid using a token that grants org- or account-level admin access, (3) consider authenticating via a temporary token or using a test repository first, (4) be aware the script will read 'gh auth token' if you don't supply a token environment variable (so local gh CLI credentials can be used), and (5) note the script calls python3 but python3 is not declared as a required binary — ensure python3 is available in your environment. If you cannot verify greptile.com's provenance or privacy policy, treat this as high-risk and avoid providing high-privilege credentials.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🦎 Clawdis
Binscurl, jq, gh
EnvGREPTILE_TOKEN, GITHUB_TOKEN
latestvk9751y123x7f7ebvcxny27aq89817ckg
711downloads
0stars
2versions
Updated 2mo ago
v1.0.1
MIT-0
@iahmadzain
latest
Download

Greptile Skill

Query and manage Greptile-indexed repositories via the REST API.

Setup

Required environment variables:

  • GREPTILE_TOKEN — Greptile API token (from https://app.greptile.com)
  • GITHUB_TOKEN — GitHub PAT with repo access (alternatively set GREPTILE_GITHUB_TOKEN, or authenticate via gh auth login — the script falls back to gh auth token)

Commands

All commands use scripts/greptile.sh (resolve path relative to this skill directory).

Index a repository

scripts/greptile.sh index owner/repo [branch] [--remote github|gitlab] [--no-reload] [--no-notify]

Default branch: main. Use --no-reload to skip re-indexing if already processed.

Check index status

scripts/greptile.sh status owner/repo [branch] [--remote github|gitlab]

Returns: status (completed/processing/failed), filesProcessed, numFiles.

Query a codebase (AI answer + sources)

scripts/greptile.sh query owner/repo [branch] "How does auth work?" [--genius] [--remote github|gitlab]
  • --genius — slower but smarter analysis (good for PR reviews, architecture questions)
  • Returns: AI-generated answer + source file references with line numbers

Search a codebase (sources only, no AI answer)

scripts/greptile.sh search owner/repo [branch] "payment processing" [--remote github|gitlab]

Returns: ranked list of relevant files, functions, and snippets with line numbers.

Tips

  • Always index a repo before querying/searching it. Check status to confirm indexing is complete.
  • Use query --genius for complex questions (architecture, PR review context, cross-file analysis).
  • Use search when you just need file locations without an AI explanation.
  • For GitLab repos, pass --remote gitlab.
  • Pipe output through jq for formatting: scripts/greptile.sh query ... | jq .
  • Multi-repo queries: not supported by the wrapper; use the API directly with multiple repositories in the body.

Comments

Loading comments...