ClawHub

AtomGit

v1.0.1

Use this skill when the user explicitly mentions AtomGit or atomgit.com, or needs to inspect or change AtomGit repositories, pull requests, issues, branches,...

1· 75·0 current·0 all-time
bykyle@kylezhang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description describe AtomGit repository and admin workflows and the skill only requests ATOMGIT_TOKEN and references AtomGit MCP tools and endpoints. There are no unrelated credentials, binaries, or install steps demanded that would be disproportionate to a repo/PR/issue management skill.
Instruction Scope
SKILL.md restricts actions to AtomGit contexts, instructs the agent to inspect the runtime tool list, gather identifiers before mutating state, prefer reads over writes, and to pause if the MCP server is missing. It explicitly forbids asking users to paste tokens into chat and disallows in-task automatic installs—these instructions stay within the stated purpose.
Install Mechanism
No install spec or code is present — the skill is instruction-only. The README and references point to upstream MCP server sources and an npm package, but the skill does not perform any downloads or installations itself.
Credentials
Only ATOMGIT_TOKEN is declared and used as the primary credential, which is appropriate for an API-driven repository management skill. The docs advise storing tokens in a client secret store and not pasting them in chat.
Persistence & Privilege
The skill does not request always:true or other elevated platform privileges. It's user-invocable and allows normal autonomous invocation, which is the platform default and appropriate here.
Assessment
This skill is instruction-only and appears internally consistent: it only needs an AtomGit personal access token (ATOMGIT_TOKEN) and expects an AtomGit MCP server to be installed and verified outside the task runtime. Before installing or using it, verify the upstream MCP server package/source (the README points to atomgit.com and an npm package) and ensure you store ATOMGIT_TOKEN in a secure client-side secret store (do not paste it into chat). If you operate in an environment that also uses GitHub/GitLab, confirm the user explicitly refers to AtomGit to avoid accidental cross-platform operations.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bp3ntt6y7r8zn6mvddtz371840rsx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvATOMGIT_TOKEN
Primary envATOMGIT_TOKEN

Comments