Code Sync
v0.2.1Use this skill to batch-sync all git repos across machines — pushing uncommitted changes at end of day or pulling latest at start of day. Invoke when the use...
⭐ 0· 387·0 current·0 all-time
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the implementation: it scans a base directory and drives git push/pull actions. Required binary is only git, which is appropriate. The SKILL.md references a separate 'git-workflow' skill as required for commits but that dependency is not declared in the registry metadata — this is an implementation note rather than a clear mismatch.
Instruction Scope
Instructions are narrowly scoped to scanning ~/code (or a user-provided base dir), categorizing repos, and taking push/pull or interactive actions. The skill writes/reads a config at ~/.config/nini-skill/code-sync/config.md (SKILL.md instructs creating this), which is not listed in the declared config paths — the file access is expected for this tool but should be noted. All network activity is standard git fetch/pull/push using the user's git credentials; no external endpoints or hidden uploads are present in the instructions or script.
Install Mechanism
No install spec (instruction-only plus a small included script). No downloads or external installers; lowest-risk install posture.
Credentials
The skill does not request environment variables or secrets. It does operate on repositories under the user's home directory and will use the user's existing git configuration and credentials (SSH keys or stored credentials) when performing network operations — this is expected for a git-sync tool.
Persistence & Privilege
Skill is not always-enabled and is user-invocable. It does not request elevated or cross-skill configuration changes. It does recommend invoking another skill (git-workflow) for commits, but it does not auto-enable or modify other skills.
Assessment
This skill is coherent with its stated purpose, but review these points before installing: (1) it will read/write a config at ~/.config/nini-skill/code-sync/config.md — ensure you are comfortable with that path; (2) commits are delegated to a separate 'git-workflow' skill referenced in the docs but not declared in registry metadata — verify and trust that skill before allowing commit actions; (3) push/pull actions will use your normal git credentials (SSH keys or credential helper) and can modify remote repositories — run it on a small set first or use a dry-run to confirm behavior. If you want extra assurance, inspect scripts/scan.sh (included) and test the scanning step only (bash scripts/scan.sh) before allowing any automated push/pull operations.Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
🔄 Clawdis
Binsgit
latest
Code Sync
Batch sync all git repos under a base directory — push (end-of-day) or pull (start-of-day).
Default base directory: ~/code. Configurable via ~/.config/nini-skill/code-sync/config.md.
Prerequisites
| Tool | Type | Required | Install |
|---|---|---|---|
| git | cli | Yes | brew install git or git-scm.com |
| git-workflow | skill | Yes | Included in npx skills add niracler/skill — must be invoked via Skill tool for all commits |
Do NOT proactively verify these tools on skill load. If a command fails due to a missing tool, directly guide the user through installation and configuration step by step.
First-Time Setup
On first use, check for config at ~/.config/nini-skill/code-sync/config.md.
If not found, ask the user:
- "Where do you keep your git repos?" (default:
~/code) - "What's the directory structure?" — explain the expected pattern:
<base-dir>/*/for top-level repos and<base-dir>/*/repos/*/for monorepo sub-repos - Save to
~/.config/nini-skill/code-sync/config.md:
base_dir: ~/code
Mode Selection
| User says | Mode |
|---|---|
| 「下班同步」or "push" | Push |
| 「上班更新」or "pull" | Pull |
| 「同步代码」「code-sync」 | Ask user |
Workflow (shared by both modes)
- Scan → 2. Categorize → 3. Batch action (auto, no confirmation) → 4. Handle exceptions (interactive) → 5. Summary
If all repos are up-to-date, report that and stop.
Scan
bash scripts/scan.sh # Push: local data only (default ~/code)
bash scripts/scan.sh --fetch # Pull: fetch remote first (10s timeout/repo)
bash scripts/scan.sh --base-dir /path/to/dir # Custom base directory
Output: JSON array with fields path, name, branch, remote, remote_url, dirty_count, has_upstream, ahead, behind, and fetch_error (only on --fetch failure).
Categorize
Push mode:
| Category | Condition | Action |
|---|---|---|
| up-to-date | dirty_count == 0 && ahead == 0 | Report |
| needs-push | dirty_count == 0 && ahead > 0 | Auto git push |
| dirty | dirty_count > 0 | Interactive |
| no-upstream | has_upstream == false | Ask user |
Pull mode:
| Category | Condition | Action |
|---|---|---|
| up-to-date | dirty_count == 0 && behind == 0 | Report |
| needs-pull | dirty_count == 0 && behind > 0 | Auto git pull --ff-only |
| dirty+behind | dirty_count > 0 && behind > 0 | Interactive |
| fetch-error | fetch_error == true | Report, skip |
Exception Handling
| Situation | Steps |
|---|---|
| Dirty repo (push) | git diff --stat + git status → describe to user → ask: commit, stash, or skip. If commit, MUST invoke git-workflow skill via Skill tool — never run git commit directly. |
| No upstream (push) | Report → ask: set upstream and push (git push -u origin <branch>), or skip |
| ff-only fails (pull) | git log --oneline HEAD..@{u} + @{u}..HEAD → explain divergence → suggest: rebase, merge, or skip |
| Dirty + behind (pull) | Report both issues → ask: stash and pull (stash, pull --ff-only, pop), or skip |
Summary
Group repos by outcome after all operations complete:
## {Push|Pull} Summary
{Pushed|Updated} (N):
- repo-name (branch, N commits)
Already up-to-date (N):
- repo-a, repo-b, ...
Resolved (N):
- repo-c: action taken
Skipped (N):
- repo-d: reason
Common Issues
| Issue | Fix |
|---|---|
scan.sh finds 0 repos | Check ~/code/*/ has git repos |
fetch_error | Check network, SSH keys |
| ff-only fails | Rebase or merge manually |
| Push rejected | Pull first, then push |
Comments
Loading comments...