ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Autonomous GitHub Team

v1.2.0

Autonomous GitHub Team — 41 AI agents that autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production. Triggers...

0· 120·0 current·0 all-time
by@captainsvbot

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for captainsvbot/autonomous-github-team.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Autonomous GitHub Team" (captainsvbot/autonomous-github-team) from ClawHub.
Skill page: https://clawhub.ai/captainsvbot/autonomous-github-team
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: GH_TOKEN, TARGET_REPO
Required binaries: git, bash, curl, python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install autonomous-github-team

ClawHub CLI

Package manager switcher

npx clawhub@latest install autonomous-github-team
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binaries (git, bash, curl, python3), and required env vars (GH_TOKEN, TARGET_REPO) are coherent for an autonomous GitHub automation that clones a repo and runs orchestrator scripts. Declared permissions (repo/PR/issues write) match the described functionality.
!
Instruction Scope
SKILL.md explicitly instructs cloning a remote repository and running orchestrator and agent shell scripts (agents/orchestrator.sh). While this is within the stated purpose, it directs execution of third‑party code with a write-capable PAT — a direct data-exfiltration or supply-chain risk. The skill does advise auditing agent scripts and running in a fork, but the runtime instructions inherently grant broad discretion to those remote scripts.
Install Mechanism
There is no packaged install; the skill is instruction-only and instructs git-cloning https://github.com/captainsvbot/AutonomousGitHubTeam.git pinned to tag v1.0.0. Cloning from GitHub and pinning a tag is better than downloading from an arbitrary server, but it still results in executing remote code on the host — a significant risk.
Credentials
Requested environment variables (GH_TOKEN and TARGET_REPO) are necessary for repository operations the skill performs. The GH_TOKEN requires write scopes, which are proportionate to creating fixes, PRs, and releases, but this is high privilege — the skill itself and its instructions repeatedly warn to use a least-privilege, repo-scoped token.
Persistence & Privilege
The skill does not request always:true or any system config paths and is user-invocable; however, because the agent can run autonomously (platform default) and the skill uses a write-capable PAT, an autonomous run could perform actions in the target repo without manual intervention. The SKILL.md recommends human review before merging, but you should confirm any automated merge/rollback behaviors in the repo code before enabling autonomous runs.
Assessment
This skill is internally consistent with its goal but is high-risk: it clones and executes third-party scripts and needs a write-capable GitHub token. Before installing, do all of the following: (1) Inspect the pinned v1.0.0 tag contents (especially agents/*.sh) and confirm what network calls and token usage occur; (2) Create a fine‑grained PAT scoped only to a single test repository (avoid org- or account-wide scopes) and prefer short expiration; (3) Test in an isolated fork or disposable repository first, with branch protection on main; (4) Run with a read-only or minimally scoped token initially to observe proposed changes without allowing writes; (5) Ensure human approval gates exist before any merge to main; (6) Monitor activity and rotate the token after testing. Because this package is instruction-only (no embedded code in the registry), you cannot rely on the registry scan — manual code review of the cloned repository is essential. If you cannot audit the code yourself, treat the skill as unsafe for production repositories.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🤖 Clawdis
Binsgit, bash, curl, python3
EnvGH_TOKEN, TARGET_REPO
latestvk975hfsgss4vwm2cvhdye2ybz183a48j
120downloads
0stars
3versions
Updated 1mo ago
v1.2.0
MIT-0
@captainsvbot
latest
Download

🤖 Autonomous GitHub Team Skill

⚠️ Security Warning — Read Before Installing

This skill clones and executes bash scripts from a remote repository. Before running:

  1. Audit the scripts first — review every agent file in the agents/ directory
  2. Use a least-privilege PAT — dedicated token scoped to a single test repo, not your main account
  3. Never run on a production repo until you've tested in an isolated fork
  4. Never commit tokens — keep config.env private and out of version control
  5. Require human review before merging any PRs the agents create

What It Does

41 AI agents that autonomously monitor a GitHub repository, detect bugs, create fixes, open PRs, and release to production automatically.

Required Environment Variables

GH_TOKEN        # GitHub PAT — needs: contents:w, pr:w, issues:w
TARGET_REPO     # The repository to operate on (format: owner/repo)

Primary credential: GH_TOKEN — treat this as a high-privilege secret.

Setup

# 1. Clone the repo (pinned to v1.0.0 tag)
git clone --branch v1.0.0 https://github.com/captainsvbot/AutonomousGitHubTeam.git
cd autonomous-github-team

# 2. Configure — edit config.env
cp config.example.env config.env
nano config.env   # set GH_TOKEN and TARGET_REPO

# 3. Audit the agents first (important!)
# Review agents/*.sh before running anything

# 4. Run
bash agents/orchestrator.sh

Security Requirements for the GitHub Token

The skill needs a token that can:

  • Read and write to repository contents
  • Create and manage pull requests
  • Read and write issues

Create a dedicated token for this skill:

  1. GitHub → Settings → Developer Settings → Personal Access Tokens → Fine-grained tokens
  2. Scope to only the specific repository you want the team to operate on
  3. Grant only: contents: read and write, pull requests: read and write, issues: read and write
  4. Never use your main account token with broad org access

Available Agents

bash agents/orchestrator.sh          # Full pipeline (detect → fix → release)
bash agents/security-agent.sh        # Vulnerability scanning
bash agents/fixer-agent.sh          # Apply fixes, open PRs
bash agents/git-guardian-agent.sh     # Merge PRs (requires human review before main merges)
bash agents/backup-agent.sh          # Backup repo via GitHub API
bash agents/rollback-agent.sh         # Auto-revert broken commits
bash agents/team-bravo.sh            # Activity monitor (read-only check)

Gitflow

feature/fix → develop → main

Every run syncs main → develop first. The Git Guardian does not auto-merge to main — all merges to main require human approval.

Before Running on a Production Repo

  • Clone and review all agents/*.sh files
  • Test in an isolated fork first
  • Set up branch protection on main (require PR reviews)
  • Use a dedicated, scope-limited PAT
  • Keep config.env out of version control

Security Checklist Before Publishing Changes

# Scan for accidentally committed secrets
grep -rni "gho_\|token\|secret\|api_key\|password" .

If you modify this repo, always scan before pushing publicly.

Comments

Loading comments...