GitHub Actions Generator
生成 GitHub Actions 工作流,支持 CI/CD、测试、部署等多种场景。
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 804 · 15 current installs · 16 all-time installs
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The SKILL.md and description promise broad GitHub Actions generation (Node/Python/Go, Docker build & push, auto release, Dependabot, scheduled tasks). The included script only writes two simple workflows (ci.yml and deploy.yml), both Node-centric; it does not implement Docker, releases, Dependabot, schedules, or the CLI flags shown in the README. This is a capability mismatch and likely misleading.
Instruction Scope
Runtime instructions and usage examples show flags (e.g., --lang, --target, --registry) and multiple scenarios that the code does not support. The actual script accepts positional args ($1, $2) and ignores GNU-style flags; it only creates .github/workflows/ci.yml or deploy.yml and will overwrite those files if present. The instructions therefore overstate what the runtime will do.
Install Mechanism
No install spec and only an included bash script — nothing is downloaded from external URLs. This is low-risk from an install-perspective: code is included in the skill bundle and no network install steps are present.
Credentials
The skill requests no environment variables or credentials (correct for the provided script). However, the SKILL.md claims features that typically require credentials (e.g., pushing to registries, creating Releases, Dependabot configuration) but the skill does not request or document the needed tokens — another sign of inconsistency.
Persistence & Privilege
Skill is not always-on and does not request elevated platform privileges. It only writes workflow files into the repository (expected for a generator). There is no evidence it modifies other skills or system-wide agent settings.
What to consider before installing
This skill appears misleading: its README lists many features and CLI flags that are not implemented in the included script. If you consider installing or running it, do the following first:
- Inspect the github-actions-generator.sh content (already included) and confirm it does what you need. It currently only writes two Node-focused workflows.
- Run it in a throwaway repository or branch (not your main production repo), and back up any existing .github/workflows files because the script will overwrite ci.yml or deploy.yml.
- If you need Docker pushes, Releases, Dependabot, or multi-language support, request an updated implementation that actually requires and documents the necessary credentials (e.g., GH_TOKEN, registry credentials) and show how flags are parsed.
- Do not run this on a sensitive repo until you verify the generated workflows and the script behavior. The package appears non-malicious but is inconsistent and incomplete.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download zipactionsautomationcdcigithublatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
⚡ Clawdis
SKILL.md
GitHub Actions Generator
自动生成 GitHub Actions 工作流文件。
支持的场景
- ✅ Node.js CI/CD
- ✅ Python CI/CD
- ✅ Go CI/CD
- ✅ Docker 构建推送
- ✅ 自动发布 Release
- ✅ Dependabot 自动更新
- ✅ 定时任务
使用方法
github-actions-generator ci --lang node
github-actions-generator deploy --target vercel
github-actions-generator docker --registry ghcr
Files
3 totalSelect a file
Select a file to preview.
Comments
Loading comments…