ClawHub

Changelog Generator Cn

v1.0.0

自动生成更新日志。分析 git 提交历史,分类变更,将技术提交转换为用户友好的发布说明。触发词:更新日志、changelog、发布说明、版本更新。翻译自 ComposioHQ。

0· 487·1 current·1 all-time
byGuohongbin@guohongbin-git
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill's name and description claim to analyze git history and produce user-friendly changelogs. The manifest requests no environment variables, binaries, or installs — which is consistent for an instruction-only skill that operates on a user's repository.
Instruction Scope
SKILL.md stays focused on scanning git commits, categorizing changes, and formatting output. It is high-level (no explicit git command examples), tells the agent to run from the repository root, to consult CHANGELOG_STYLE.md if present, and to save output to CHANGELOG.md. This is within scope but gives the agent discretion to read repository files and commit history; the instructions do not reference unrelated system paths or external endpoints.
Install Mechanism
No install specification or code files are included. Being instruction-only means nothing will be written to disk by an installer, which is the lowest-risk posture.
Credentials
The skill declares no environment variables, credentials, or config paths. That is proportionate for a tool that only needs access to the local git repository.
Persistence & Privilege
The skill does not request persistent presence (always: false) and has no install-time actions or modifications of other skill configs.
Assessment
This skill appears coherent and low-risk, but remember it needs access to your git repository (commit history and files like CHANGELOG_STYLE.md). Before running it: (1) ensure the agent is pointed at the correct repo and branch, (2) review the generated changelog before publishing (commits can contain sensitive information), and (3) avoid running it on repositories that contain secrets or private data unless you trust the execution environment. If you want extra safety, run the same steps locally (or on a copy of the repo) to verify output before allowing an agent to operate on your primary repository.

Like a lobster shell, security has layers — review code before you run it.

latestvk977a45716daa8fs7x64yvng9d81g8cr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📝 Clawdis

Comments