ClawHub

Airflow DAG Git

v0.1.1

Manage and update Airflow DAG Python files via GitHub PRs with strict path and content restrictions for secure workflow control.

0· 0·0 current·0 all-time
byMarcos CF.@kansodata
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name, description, and instructions all focus on updating single Airflow DAG .py files via GitHub PRs with path/content restrictions — the requested capabilities match the stated purpose.
Instruction Scope
SKILL.md stays within the DAG-via-PR workflow and forbids dangerous actions (path traversal, multi-file ops, CI changes). However the guardrails are high-level and rely on the provided tools (airflow_dag_git_read_file, airflow_dag_git_open_pr) to enforce them; the skill does not embed the allowlist or validate enforcement logic itself.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself.
Credentials
The skill declares no required env vars or credentials, but performing GitHub reads/PRs requires GitHub credentials or a platform-integrated connector. The omission isn’t necessarily malicious but you should confirm which credential (scope, owner/repo scoping) the platform/tool uses and that it’s least-privilege.
Persistence & Privilege
always is false and there is no indication the skill requests persistent or cross-skill privileges; normal autonomous invocation is allowed by platform default.
Assessment
This skill appears coherent for managing DAG files, but before installing confirm: (1) which service/tool provides the two named actions and where the GitHub credentials live; (2) that an explicit allowlist of owner/repo/paths is enforced by the tool (inspect the allowlist and enforcement code/policy); (3) the GitHub token used has minimal scopes and is restricted to the intended repos/branches; and (4) PR creation sanitizes and rejects non-DAG or unsafe content as claimed. Because the SKILL.md is high-level and the source/homepage are unknown, ask the publisher or platform operator to show the implementation or integration details (tool endpoints, ACLs, and audit logs) before granting repository-level access.

Like a lobster shell, security has layers — review code before you run it.

githubvk97daxaa1bed5v06pmz91kvm8n84kjpcirflowvk97daxaa1bed5v06pmz91kvm8n84kjpclatestvk97daxaa1bed5v06pmz91kvm8n84kjpc

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments