ClawHub

MLOps Automation

v1.0.0

Task automation, containerization, CI/CD, and experiment tracking

0· 562·2 current·2 all-time
byGuohongbin@guohongbin-git
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name and description (task runner, Docker, CI/CD, experiment tracking) align with the SKILL.md content: it instructs copying task files, Dockerfile, and a GitHub Actions workflow and shows MLflow snippets. However, SKILL.md references templates (references/justfile and references/Dockerfile) that are not present in the file manifest, which is an inconsistency between claimed capabilities and the provided package.
!
Instruction Scope
Instructions tell the agent (and user) to copy files into the user's project and to run docker build, just, and MLflow code. Those actions are expected for this purpose, but the missing referenced templates mean cp commands will fail or will not provide the promised templates. Also the CI workflow includes steps that interact with external services (e.g., codecov) — the workflow itself is standard for CI but will interact with external endpoints if run.
Install Mechanism
This is instruction-only with no install spec and no downloads or executable install steps. That is low-risk and coherent with an editor/guide-style skill.
Credentials
The skill requests no environment variables or credentials, which is reasonable. Be aware MLflow usage may require a tracking server, artifact storage or credentials in real projects (the skill does not request or provide guidance for those), and the CI uses codecov/action which may upload data to codecov if configured — no tokens are included here.
Persistence & Privilege
Skill does not request permanent presence (always:false) and does not include install hooks or access to other skills' configs. Autonomous invocation defaults are unchanged. No elevated privileges are requested.
What to consider before installing
This skill appears to be an MLOps helper and is mostly coherent, but it has gaps and small surprises you should verify before using: - The SKILL.md copies references/justfile and references/Dockerfile, but those files are not present in the package. Ask the author for the missing templates or inspect them before running cp commands. - Review the CI workflow (references/ci-workflow.yml) before enabling it in your repo. It calls standard actions (setup-uv, setup-python, codecov). Ensure you understand what gets uploaded (coverage) and whether any secrets or tokens are needed. - Inspect any Dockerfile and copied build artifacts before running docker build; images can execute arbitrary code during build time. - For MLflow: decide where you will host tracking/artifacts and ensure you do not inadvertently send sensitive data to a remote tracking server. - The package.json author string differs from the repository URL; verify the origin if provenance matters. If you want to proceed, request the missing template files and review them locally (and the Dockerfile/justfile) before running any commands in your project.

Like a lobster shell, security has layers — review code before you run it.

automationvk977dskzj6z9c128jys0eeqmyh81dk3slatestvk977dskzj6z9c128jys0eeqmyh81dk3smlopsvk977dskzj6z9c128jys0eeqmyh81dk3s

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments