ClawHub

Cicd Pipeline Generator

v0.1.0

This skill should be used when creating or configuring CI/CD pipeline files for automated testing, building, and deployment. Use this for generating GitHub Actions workflows, GitLab CI configs, CircleCI configs, or other CI/CD platform configurations. Ideal for setting up automated pipelines for Node.js/Next.js applications, including linting, testing, building, and deploying to platforms like Vercel, Netlify, or AWS.

1· 2k·6 current·7 all-time
byVeera@veeramanikandanr48
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the contents: SKILL.md explains pipeline generation and the repository includes ready-to-use templates for GitHub Actions and GitLab CI plus a platform comparison. There are no unrelated requirements (no binaries, env vars, or config paths declared).
Instruction Scope
SKILL.md stays within the expected scope (generate/configure CI pipeline files and provide templates). It shows example uses of CI secrets (VERCEL_TOKEN, AWS keys, CODECOV_TOKEN) but does not instruct the skill to read local secrets or exfiltrate data. Note: those secrets are meant to be set in the CI provider; review templates before applying to ensure they deploy only where you intend.
Install Mechanism
No install spec — instruction-only with a tiny placeholder index.js (no runtime installers or downloads). This is the lowest-risk install profile.
Credentials
The skill declares no required environment variables or credentials. Template examples reference common CI secrets, which is appropriate for CI configs but the skill itself does not request or expect those secrets in the agent environment.
Persistence & Privilege
always is false and the skill does not request persistent system changes or modify other skills. The small index.js is inert (returns a message); there is no autonomous privileged behavior beyond normal skill invocation.
Assessment
This skill appears coherent and primarily provides editable CI/CD templates. Before using/installing: (1) Review and edit the templates to match your repo paths, branch rules, and artifact locations; (2) Never commit plaintext secrets—add VERCEL_TOKEN, NETLIFY_AUTH_TOKEN, AWS keys, CODECOV_TOKEN, etc. to your CI provider's secrets storage; (3) Pin or review third-party actions (e.g., amondnet/vercel-action, codecov/codecov-action, aws-actions) to known-good versions and check their permissions; (4) Prefer least-privilege tokens and restrict deployment jobs to protected branches or require manual approvals for production deploys; (5) Test the workflow in a non-production branch or fork first. Note: index.js is a placeholder (no generation logic), so the primary asset is the SKILL.md and the included templates — treat them as source material to adapt rather than as an automated generator that will access your system or secrets.

Like a lobster shell, security has layers — review code before you run it.

latestvk97889xrw26z4bymknqp2e1t458080c5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments