ClawHub

Changelog Generator

v1.0.0

Generate changelogs from git commit history with conventional commit parsing. Use when asked to generate a changelog, create release notes, summarize git his...

0· 216·0 current·0 all-time
byJohn Wang@johnnywang2001
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included script: the tool parses conventional commits from a local git repo and formats markdown/JSON changelogs. One minor inconsistency: the skill metadata lists no required binaries, but the script invokes the system 'git' command — git is a legitimate and necessary dependency for this purpose and should be declared.
Instruction Scope
SKILL.md and the script instruct the agent to run the included Python script against a specified repo. The script only runs git commands (git log, rev-parse) against the repo and writes output to stdout or a user-specified file. It does not read arbitrary unrelated system files, access environment variables, or transmit data externally.
Install Mechanism
This is an instruction-only skill with a bundled script; there is no install spec, no downloads, and nothing is written to disk by an installer. The runtime requires Python and the git binary, but no install mechanism is provided (which is acceptable for an instruction-only skill).
Credentials
The skill requests no environment variables or credentials. It does require access to a local git repository and the git CLI; those are proportionate to its stated function. The omission of 'git' from declared required binaries is the only discrepancy.
Persistence & Privilege
The skill is not always-enabled and does not request elevated or persistent privileges. It can write an output file only when the user supplies a path (or runs it in a writable directory), which is expected behavior for a changelog generator.
Assessment
This skill appears to do what it claims: it runs git locally to build changelogs and can write the result to a file. Before using it: ensure the machine has git and Python installed (the metadata should have declared git but did not), verify you point it to the intended repository path, and review commit messages if they contain sensitive information (commit history may include secrets). Because it executes git in the repo, run it in a trusted environment and confirm the script is acceptable to you before granting an agent autonomous permission to invoke it.

Like a lobster shell, security has layers — review code before you run it.

latestvk9707fymywdwqs8fjwfyvkrs2982msma

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments