ClawHub

GitHub Star Manager

v0.1.2

Manage GitHub stars with AI-powered categorization and cleanup. Use when a user wants to organize their starred repos into GitHub Lists, clean up stale/depre...

0· 712·0 current·0 all-time
by@cosformula

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cosformula/github-star-manager-skill.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "GitHub Star Manager" (cosformula/github-star-manager-skill) from ClawHub.
Skill page: https://clawhub.ai/cosformula/github-star-manager-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: gh, jq
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install github-star-manager-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install github-star-manager-skill
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (manage and categorize GitHub stars) matches the declared dependencies (gh, jq) and the SKILL.md commands (gh api, GraphQL mutations, jq). There are no unrelated binaries or secrets requested.
Instruction Scope
SKILL.md instructs the agent to run gh CLI commands that read/export stars, create lists, add repos, and delete (unstar) repos. That scope is appropriate for the stated purpose, but several operations are destructive (unstar, mutations) and rely on the user's gh auth session — the skill does instruct to confirm before destructive actions, so the scope is reasonable if confirmations are enforced.
Install Mechanism
Install entries use standard package managers (brew and apt) for gh and jq, which is low risk. Minor inconsistency: the registry's top-level install metadata listed only brew formulas, while the SKILL.md's embedded metadata also lists apt packages; this is likely benign but inconsistent.
Credentials
The skill requests no environment variables and uses the existing gh auth session. It documents that Lists operations require a token with 'user' scope (or a Classic token), which is a broader permission than read-only but justified for creating/managing Lists. Requesting the gh session instead of asking for raw tokens is appropriate and limits direct exposure of secrets in env vars.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes. The agent may be allowed to invoke the skill autonomously (platform default); because the skill can perform destructive actions, users should ensure confirmation steps are enforced when granting autonomous invocation, but the skill itself does not demand elevated persistent privileges.
Assessment
This skill looks coherent for managing GitHub stars, but before installing: ensure you have gh installed and authenticated (gh auth login); back up your stars (run the export command and save stars.json) before bulk changes; note that Lists creation and mutation require a token with 'user' scope (Classic tokens are more powerful—only use if you understand the permissions); confirm that your agent or environment will prompt you before destructive actions (unstarring/removing items) or disable autonomous invocation if you don't want the agent to act without explicit consent; and prefer installing gh/jq from your system package manager (brew/apt) as shown. The only minor issue is an install-metadata inconsistency (brew vs apt) in documentation — not a security problem but worth checking.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Clawdis
Binsgh, jq

Install

Install GitHub CLI (brew)
Bins: gh
brew install gh
Install jq (brew)
Bins: jq
brew install jq
latestvk977ksn7zrr35smdsygxg7r09h817nwc
712downloads
0stars
3versions
Updated 2mo ago
v0.1.2
MIT-0
@cosformula
latest
Download

GitHub Star Manager

Requires gh (authenticated) + jq. For Lists operations: token needs user scope (Classic token recommended).

Authentication

This skill uses the gh CLI's existing auth session. Before using:

  1. Run gh auth login if not already authenticated
  2. For read-only operations (export, stats): default token scopes are sufficient
  3. For Lists operations (create list, add to list): token needs user scope — run gh auth refresh -s user or use a Classic token with user scope

No separate API key or environment variable is needed.

Export Stars

gh api user/starred --paginate --jq '.[] | {
  full_name, description, url: .html_url, language,
  topics, stars: .stargazers_count, forks: .forks_count,
  archived, updated_at, pushed_at
}' | jq -s '.' > stars.json

Slow for 1000+ stars (~1 min per 1000). Quick count: gh api user/starred --paginate --jq '. | length' | jq -s 'add'.

View Existing Lists

gh api graphql -f query='{
  viewer {
    lists(first: 100) {
      nodes { id name description isPrivate items { totalCount } }
    }
  }
}' --jq '.data.viewer.lists.nodes'

Create a List

gh api graphql -f query='
mutation($name: String!, $desc: String) {
  createUserList(input: {name: $name, description: $desc, isPrivate: false}) {
    list { id name }
  }
}' -f name="LIST_NAME" -f desc="LIST_DESCRIPTION" --jq '.data.createUserList.list'

Save the returned id for adding repos.

Add Repo to List

REPO_ID=$(gh api repos/OWNER/REPO --jq '.node_id')

# Note: listIds is a JSON array, use --input to pass variables correctly
echo '{"query":"mutation($itemId:ID!,$listIds:[ID!]!){updateUserListsForItem(input:{itemId:$itemId,listIds:$listIds}){user{login}}}","variables":{"itemId":"'$REPO_ID'","listIds":["LIST_ID"]}}' \
  | gh api graphql --input -

Add ~300ms delay between calls to avoid rate limits.

Unstar

gh api -X DELETE user/starred/OWNER/REPO

Always confirm with user before unstarring.

Organize Workflow

  1. Export stars to JSON
  2. Analyze the JSON — suggest categories based on language, topics, purpose, domain
  3. Present suggestions to user for review
  4. Create Lists and add repos after confirmation
  5. Batch operations with delays between API calls

Cleanup Workflow

  1. Export stars to JSON
  2. Use jq to find archived, stale (2+ years no push), low-star, or deprecated repos
  3. Present candidates to user, confirm before unstarring

Comments

Loading comments...