ClawHub

Gh Actions Automation

v1.0.0

GitHub Actions workflow generator. Creates CI/CD pipelines for Node.js, Python, Docker. Triggers: github actions, ci cd, workflow, automate build, github ci.

0· 0·0 current·0 all-time
by@sky-lv·duplicate of @sky-lv/skylv-github-actions-helper
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (GitHub Actions workflow generator) match the SKILL.md: it generates CI templates for Node.js, Python, and Docker and lists expected project files (package.json, pyproject.toml, Dockerfile). No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
Instructions are limited to detecting common project files and producing YAML templates for workflows. This requires the agent to read repository files (project root), which is coherent with the task. The instructions are brief/vague about exact workspace paths and do not specify safeguards; the agent will need only repository access but you should confirm the agent's file access scope.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing is downloaded or written to disk by the skill itself.
Credentials
The skill declares no environment variables or credentials. The SKILL.md sensibly advises storing secrets in GitHub Secrets but does not request them itself.
Persistence & Privilege
Skill is not always-enabled and does not request persistent system modifications or broader privileges. Autonomous invocation is allowed (platform default) but not combined with other red flags.
Assessment
This skill appears coherent and low-risk, but remember it relies on the agent being able to read your repository files to detect project types—confirm the agent is only granted access to the intended repo/workspace. Before using generated workflows, review them for correct secret handling, pinned action versions (consider specifying full action refs), and any deployment steps that might require credentials. If you want stronger guarantees, ask the skill to only output templates without writing files, and test the workflows in a non-production branch or fork first.

Like a lobster shell, security has layers — review code before you run it.

latestvk979pktd774c4yf3c7zs1f717s85dbrt
0downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
@sky-lv
latest
Download

GitHub Actions Helper

Overview

Generates GitHub Actions workflows for continuous integration and deployment.

When to Use

  • User asks to "set up CI" or "add github actions"
  • New project needs automated testing
  • User wants to "deploy with github actions"

How It Works

Detect project type

Check for: package.json (Node), pyproject.toml (Python), Dockerfile (Docker).

Node.js CI Template

name: CI
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: "20" }
      - run: npm ci
      - run: npm test

Python CI Template

name: Python CI
on: [push, pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with: { python-version: "3.12" }
      - run: pip install -r requirements.txt
      - run: pytest

Tips

  • Use actions/checkout@v4 not @v4.2.0
  • Use npm ci not npm install for reproducibility
  • Store secrets in GitHub Secrets

Comments

Loading comments...