ClawHub

GitHub Intelligence

Analyze any GitHub repository in AI-friendly format. Convert entire repos to single markdown documents, generate architecture diagrams with Mermaid, inspect...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 472 · 3 current installs · 3 all-time installs
by@aiwithabidi
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
Name, description, scripts, and declared primary credential (GITHUB_TOKEN, optional) align: the skill fetches and analyzes public GitHub data and converts repos to markdown/diagrams, which legitimately requires GitHub API access.
Instruction Scope
SKILL.md and the scripts are focused on read-only static analysis of GitHub repositories. The instructions and code only fetch repository metadata and file contents and do not instruct execution of repo code or exfiltration to third-party endpoints beyond GitHub.
!
Install Mechanism
SKILL.md asserts 'Python stdlib only, no dependencies', but both included scripts import the third-party 'requests' package. There is no install specification (no pip/requirements), so runtime may fail or require the agent to install 'requests' from PyPI — an installation step that is not declared and increases risk.
Credentials
Only an optional GITHUB_TOKEN is used (declared as primaryEnv). The token usage is proportional for raising GitHub rate limits and is consistent with the skill's purpose; no other secrets or unrelated env vars are requested or accessed.
Persistence & Privilege
Skill does not request persistent/always-on presence and does not modify other skills or system-wide settings. Default autonomy is allowed (normal) and there are no elevated privilege requests.
What to consider before installing
This skill appears to do what it claims (read-only GitHub repo analysis) and only asks optionally for a GitHub token, which is reasonable. However, the README claims 'stdlib only' but the scripts import the third-party 'requests' package and there is no install specification. Before installing or invoking it: 1) ask the publisher to correct the documentation (declare 'requests' as a dependency) and provide an explicit install step (e.g., requirements.txt or pip install). 2) If you must run it, prefer providing a limited-scope personal access token (or none) and run it in a sandboxed environment so that an unexpected install (pip) or network behavior is constrained. 3) If you require stronger assurance, request a version that avoids third-party packages or includes a vetted install manifest. Overall: functionally coherent, but the mismatch around dependencies and lack of install instructions is a notable risk.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97crv7nxgrcq9begwd6vy0y6n81fkz3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Primary envGITHUB_TOKEN

SKILL.md

🔍 GitHub Intelligence

Analyze any GitHub repository in AI-friendly format. Convert repos to markdown, generate architecture diagrams, understand structure and patterns.

Features

  • Analyze repo structure — file tree, README, language breakdown, recent activity
  • Generate architecture diagrams — Mermaid flowcharts from codebase structure
  • Convert repo to markdown — entire repository as a single AI-readable document
  • Inspect language breakdown — percentage by language with file counts
  • Track recent activity — latest commits, contributors, release history
  • GitHub URL tricks — hidden features, API shortcuts, search operators
  • Control analysis depth — configurable directory traversal depth
  • Limit file count — cap files for large repos
  • Read-only guarantee — never executes code from repositories
  • Public API access — no token needed (optional token for higher rate limits)

Requirements

VariableRequiredDescription
GITHUB_TOKENOptional — increases rate limit from 60 to 5000 req/hr. Get from GitHub Settings

Quick Start

PY=~/.openclaw/workspace/.venv/bin/python3

# Analyze a repository
$PY skills/github-intel/scripts/repo_analyzer.py https://github.com/anthropics/claude-code

# Convert repo to single markdown
$PY skills/github-intel/scripts/repo_to_markdown.py https://github.com/openai/openai-python

# Deep analysis
$PY skills/github-intel/scripts/repo_analyzer.py https://github.com/user/repo --depth 3

Commands

Repo Analyzer

# Basic analysis
$PY scripts/repo_analyzer.py https://github.com/owner/repo

# Deep directory traversal
$PY scripts/repo_analyzer.py https://github.com/owner/repo --depth 3

# With authentication for higher rate limits
GITHUB_TOKEN=ghp_xxx $PY scripts/repo_analyzer.py https://github.com/owner/repo

Repo to Markdown

# Convert full repo
$PY scripts/repo_to_markdown.py https://github.com/owner/repo

# Limit files for large repos
$PY scripts/repo_to_markdown.py https://github.com/owner/repo --max-files 50

# Output to file
$PY scripts/repo_to_markdown.py https://github.com/owner/repo > repo.md

Output Format (Analyzer)

# Repository: owner/repo

## Structure
├── src/
│   ├── index.ts
│   └── ...
├── README.md
└── package.json

## README
[Full README content]

## Language Breakdown
- TypeScript: 78.2%
- JavaScript: 15.1%
- Shell: 6.7%

## Architecture (Mermaid)
graph TD
  A[CLI Entry] --> B[Command Parser]
  ...

## Recent Activity
- 2 days ago: feat: add streaming support
- 5 days ago: fix: handle timeout errors

References

FileDescription
references/github-tricks.mdURL hacks, API shortcuts, search operators

Script Reference

ScriptDescription
{baseDir}/scripts/repo_analyzer.pyFull repository analysis with diagrams
{baseDir}/scripts/repo_to_markdown.pyConvert repo to single markdown document

⚠️ Security

This tool is READ-ONLY. It NEVER:

  • Executes code from repositories
  • Runs scripts, makefiles, or build commands
  • Evaluates any content from repos
  • Writes to any repository

All analysis is static file reading only.

Data Policy

This skill fetches public data from GitHub's API. No data is stored locally beyond the analysis output.

Built by M. Abidi

LinkedIn · YouTube · GitHub · Book a Call

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…