Github To Skill
v2.0.2GitHub 项目转 OpenClaw 技能参考指南 - 提供转换流程说明(纯文档,无可执行代码)
⭐ 0· 82·1 current·1 all-time
byJimmy@jijinbao-code
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill name and description claim a documentation/reference guide and the package contains only README.md, SKILL.md, and package.json. There are no declared binaries, env vars, install steps, or code files, which is proportionate for a documentation-only guide. Minor metadata inconsistencies exist (package/skill file versions show 2.0.1 while registry metadata lists 2.0.2; package.json author 'SuperMike' vs SKILL.md author 'OpenClaw Community'), but these are bookkeeping issues and do not change capability.
Instruction Scope
SKILL.md explicitly states it is documentation-only and contains no executable commands; instructions are limited to review/check steps (e.g., verify SKILL.md format, inspect dependencies) and to exclude sensitive files like .env. The document does not instruct the agent to read unrelated system files, access credentials, or transmit data to external endpoints.
Install Mechanism
There is no install specification and no extracted/remote downloads. As an instruction-only skill, nothing is written to disk or installed by the skill itself.
Credentials
The skill requires no environment variables, no credentials, and no config paths. That matches the declared purpose. The package lists license MIT-0 (very permissive); users should confirm license compatibility when reusing code, but this is unrelated to credential access.
Persistence & Privilege
Default runtime privileges are used (not always:true). The skill does not request persistent presence or modify other skills' configs. Autonomous invocation is allowed by platform defaults but the skill's content is static documentation, so autonomous behavior presents no additional risk here.
Assessment
This is a documentation-only guide and looks internally consistent. Before installing or using it: (1) verify the published package contents actually match the registry version (there is a small version mismatch between registry metadata and packaged files); (2) inspect the SKILL.md and README (already present) to confirm no hidden scripts or links you don't expect; (3) when you follow the guide to convert a GitHub project, always inspect that repository for .env/credential files and confirm license compatibility; (4) if you later add executable code based on this guide, review dependency lists and lockfiles before running npm/pip installs. These checks will reduce risk when turning documentation into runnable code.Like a lobster shell, security has layers — review code before you run it.
automationvk9751pz9cx4rfe5nswpzmcnatd83qm0vbilingualvk9751pz9cx4rfe5nswpzmcnatd83qm0vcode-analysisvk9751pz9cx4rfe5nswpzmcnatd83qm0vgatewayvk9751pz9cx4rfe5nswpzmcnatd83qm0vlatestvk975xwsr82mkdvfrc2h2gagkj183zyxjlicense-awarevk9723935p7335raht7613zq0zd83qzr6meta-skillvk9751pz9cx4rfe5nswpzmcnatd83qm0vreviewedvk9723935p7335raht7613zq0zd83qzr6security-documentedvk978t06dgr6th74d5fyd5evyt583pd6csecurity-hardenedvk972agxyfhcv6v5jxt001abc8183p0pesecurity-simplifiedvk9751pz9cx4rfe5nswpzmcnatd83qm0vsecurity-verifiedvk9723935p7335raht7613zq0zd83qzr6testedvk9723935p7335raht7613zq0zd83qzr6
License
MIT-0
Free to use, modify, and redistribute. No attribution required.