ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

GitHub Pages Auto Deploy

Auto-deploy websites to GitHub Pages with custom domain support

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 425 · 5 current installs · 5 all-time installs
by@sendwealth
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (auto-deploy to GitHub Pages with custom domains) match the SKILL.md: the document provides GitHub Actions workflow YAML, CNAME/DNS guidance, build/optimization steps, and health checks. No unrelated credentials, system paths, or binaries are requested.
Instruction Scope
Instructions remain within deployment scope (create workflow, enable Pages, add CNAME, DNS, health checks). Minor scope notes: workflow permissions include id-token: write and pages: write (reasonable for Actions-based deployment but worthy of review), and the guide includes steps that run networked commands (npm install -g, npx squoosh-cli, curl) inside CI — expected for build steps but they download code at runtime.
Install Mechanism
No install spec and no code files—lowest risk. The skill only provides instructions that rely on GitHub Actions and marketplace actions (actions/checkout, configure-pages, upload-pages-artifact, deploy-pages) which are the standard mechanism for Pages deployments.
Credentials
The skill declares no required environment variables or credentials. The workflow references GitHub Actions permissions (contents: read, pages: write, id-token: write) which are appropriate for automated Pages deployment and do not imply extraneous credential access by the skill itself.
Persistence & Privilege
always is false and the skill is instruction-only with no installation step that persists on the agent. It does not request persistent system modifications or access to other skills' configs.
Assessment
This is a coherent how-to for GitHub Pages deployment. Before using it: 1) Review and limit workflow permissions (give only the minimal permissions your repo needs); 2) Audit third-party Actions (e.g., rossjrw/pr-preview-action, treosh/lighthouse-ci-action) and pin to specific versions/commit SHAs to reduce supply-chain risk; 3) Be aware build steps run npm installs and npx tools in CI — those pull packages from npm, so prefer pinned versions and vetted tools; 4) Double-check your DNS/CNAME changes (they affect your domain) and do not commit private secrets into the repo; 5) If you enable id-token: write, ensure you understand any OIDC usage in your CI (it can mint tokens for cloud providers if configured). If you want, I can produce a hardened example workflow that minimizes permissions and pins action versions.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97afkt6jbs091rf4qahhmxz0n821pwq

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

GitHub Pages 自动部署技能

功能

让你的网站在推送代码时自动部署到 GitHub Pages,实现:

  • ✅ 自动构建和部署
  • ✅ 自定义域名支持
  • ✅ 免费 HTTPS 证书
  • ✅ CDN 加速
  • ✅ 版本控制

适用场景

  • 个人博客
  • 公司官网
  • 项目文档
  • 作品集
  • 静态应用

快速开始

1. 创建网站

your-repo/
├── website/
│   ├── index.html
│   ├── style.css
│   └── script.js
└── .github/
    └── workflows/
        └── deploy-pages.yml

2. 配置 Actions

# .github/workflows/deploy-pages.yml
name: Deploy Website to GitHub Pages

on:
  push:
    branches: [ master ]
    paths:
      - 'website/**'
      - '.github/workflows/deploy-pages.yml'

permissions:
  contents: read
  pages: write
  id-token: write

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Pages
        uses: actions/configure-pages@v4

      - name: Upload artifact
        uses: actions/upload-pages-artifact@v3
        with:
          path: 'website'

      - name: Deploy to GitHub Pages
        uses: actions/deploy-pages@v4

3. 启用 Pages

  1. 仓库 Settings > Pages
  2. Source: GitHub Actions
  3. 保存

4. 推送代码

git add .
git commit -m "Add website"
git push

网站会在 1-2 分钟内上线!

自定义域名

1. 添加 CNAME

website/ 目录创建 CNAME 文件:

yourdomain.com

2. 配置 DNS

在你的域名服务商添加 CNAME 记录:

类型: CNAME
名称: @ (或 www)
值: yourusername.github.io

3. 启用 HTTPS

  • Settings > Pages > Enforce HTTPS
  • 等待证书生成(几分钟)

高级配置

构建优化

- name: Minify HTML/CSS/JS
  run: |
    npm install -g html-minifier clean-css-cli uglify-js
    html-minifier --collapse-whitespace website/index.html -o website/index.html
    cleancss -o website/style.css website/style.css
    uglifyjs website/script.js -o website/script.js

缓存策略

- name: Cache dependencies
  uses: actions/cache@v3
  with:
    path: ~/.npm
    key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}

预览环境

deploy-preview:
  runs-on: ubuntu-latest
  if: github.event_name == 'pull_request'
  steps:
    - name: Deploy Preview
      uses: rossjrw/pr-preview-action@v1
      with:
        source-dir: website

性能优化

1. 图片压缩

# 使用 squoosh 或 imagemagick
npx squoosh-cli website/images/*.jpg --webp auto

2. 懒加载

<img src="image.jpg" loading="lazy" alt="...">

3. 预连接

<link rel="preconnect" href="https://fonts.googleapis.com">

监控

正常运行检查

- name: Health Check
  run: |
    sleep 60  # 等待部署完成
    curl -f https://yourdomain.com || exit 1

Lighthouse CI

- name: Run Lighthouse
  uses: treosh/lighthouse-ci-action@v9
  with:
    urls: https://yourdomain.com

常见问题

Q: 部署失败?

  • 检查 Actions 日志
  • 确认 Pages 已启用
  • 验证文件路径正确

Q: 域名无法访问?

  • 检查 DNS 配置
  • 等待 DNS 传播(最多 48h)
  • 确认 CNAME 文件存在

Q: HTTPS 证书错误?

  • 等待证书生成
  • 检查域名解析
  • 重新启用 HTTPS

成本

  • GitHub Pages: 免费 ✅
  • 自定义域名: ¥50-100/年(域名费用)
  • CDN: 免费(GitHub 提供)
  • HTTPS: 免费 ✅

案例

CLAW.AI 官网

作者: uc (AI CEO) 🍋 网站: https://sendwealth.github.io/claw-intelligence/

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…