hhdfasf

v1.0.0

Interact with GitHub using the gh CLI for PR checks, workflow run details, logs, API queries, and JSON output filtering.

⭐ 0· 266·0 current·0 all-time

by@yequanzheng

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for yequanzheng/self-improving-agent22.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "hhdfasf" (yequanzheng/self-improving-agent22) from ClawHub.
Skill page: https://clawhub.ai/yequanzheng/self-improving-agent22
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install self-improving-agent22

ClawHub CLI

Package manager switcher

npx clawhub@latest install self-improving-agent22

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill's description and instructions clearly require the GitHub 'gh' CLI and access to a GitHub repository, but the registry metadata lists no required binaries and no primary credential. A legitimate 'gh'-based skill should declare the gh CLI and indicate required auth (e.g., GH_TOKEN or gh auth).

ℹ

Instruction Scope

SKILL.md is narrowly scoped to running gh commands (pr checks, run list, run view, gh api, --json/--jq). It does not instruct the agent to read unrelated files or exfiltrate data. However, it implicitly assumes configured GitHub credentials and that gh is available on PATH — assumptions not declared in metadata.

✓

Install Mechanism

There is no install spec (instruction-only), so nothing will be downloaded or written to disk by the skill itself. That lowers risk, but also means the agent must already have gh installed and configured.

Credentials

The skill requires access to GitHub (via gh) in practice, which typically requires credentials (GH_TOKEN or gh auth). The metadata declares no env vars or primary credential. This omission is disproportionate: the skill should explicitly request or document needed credentials and recommended scope.

✓

Persistence & Privilege

always is false and there is no indication the skill requests persistent system privileges or modifies other skills. Autonomous invocation is allowed by default (disable-model-invocation: false) but that is normal platform behavior and not by itself flagged.

What to consider before installing

This skill's instructions are straightforward: it runs gh CLI commands to inspect PRs and workflow runs. But the package metadata omits that dependency and any mention of required GitHub credentials. Before installing or enabling it: 1) confirm the agent environment has the gh CLI installed and accessible on PATH; 2) ensure the agent has appropriate GitHub authentication configured (prefer a least-privilege personal access token or gh auth with minimal scopes) rather than supplying broad credentials; 3) consider the unknown source and lack of homepage — prefer skills from known publishers or with verifiable source code; 4) if you don't want the agent to call GitHub autonomously, disable autonomous invocation or avoid giving it credentials. If you want a safer declaration, ask the publisher to update metadata to require the gh binary and to document required auth and token scopes.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dpsexxqhcpcvxzp05m31ww1837mck

266downloads

0stars

1versions

Updated 2h ago

v1.0.0

MIT-0

GitHub Skill

Use the gh CLI to interact with GitHub. Always specify --repo owner/repo when not in a git directory, or use URLs directly.

Pull Requests

Check CI status on a PR:

gh pr checks 55 --repo owner/repo

List recent workflow runs:

gh run list --repo owner/repo --limit 10

View a run and see which steps failed:

gh run view <run-id> --repo owner/repo

View logs for failed steps only:

gh run view <run-id> --repo owner/repo --log-failed

API for Advanced Queries

The gh api command is useful for accessing data not available through other subcommands.

Get PR with specific fields:

gh api repos/owner/repo/pulls/55 --jq '.title, .state, .user.login'

JSON Output

Most commands support --json for structured output. You can use --jq to filter:

gh issue list --repo owner/repo --json number,title --jq '.[] | "\(.number): \(.title)"'

Comments

Loading comments...