ClawHub

Skylv Github Actions Helper

v1.0.0

GitHub Actions workflow generator. Creates CI/CD pipelines for Node.js, Python, Docker. Triggers: github actions, ci cd, workflow, automate build, github ci.

0· 0·0 current·0 all-time
by@sky-lv
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill claims to generate GitHub Actions workflows and requires no binaries, credentials, or installs — consistent with an instruction-only template generator. The only resources it references (package.json, pyproject.toml, Dockerfile) are exactly what you'd expect for detecting project type.
Instruction Scope
SKILL.md only instructs detecting project type by checking for common project files and provides workflow YAML templates and tips. It does not ask to read unrelated system files, access credentials, or transmit data externally. (Note: the skill does not explicitly describe committing or writing the workflows into a repo; it only generates templates.)
Install Mechanism
No install spec and no code files are present (instruction-only), so nothing is downloaded or written to disk during install — lowest-risk pattern.
Credentials
The skill declares no required environment variables or credentials. The only secret-related advice is a benign recommendation to store secrets in GitHub Secrets, which is appropriate for CI/CD templates.
Persistence & Privilege
always is false and the skill does not request persistent system presence or modify other skills/configs. Autonomous invocation is allowed by default but not combined with other red flags.
Assessment
This skill appears to be a simple template generator and is internally consistent. Before using it, be prepared to: (1) allow it to inspect your repository tree (it will check for package.json, pyproject.toml, Dockerfile) to determine templates; (2) review and vet generated workflow YAML before committing (verify action versions, permissions, and secrets usage); and (3) manage any CI secrets via GitHub Secrets rather than embedding them in workflows. If you want the skill to write or commit workflows automatically, ask how it performs those actions and what credentials (if any) it would need — that would change the security posture.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ev65cfg2ape8kqr5c8cgqx5859wnf
0downloads
0stars
1versions
Updated 4h ago
v1.0.0
MIT-0
@sky-lv
latest
Download

GitHub Actions Helper

Overview

Generates GitHub Actions workflows for continuous integration and deployment.

When to Use

  • User asks to "set up CI" or "add github actions"
  • New project needs automated testing
  • User wants to "deploy with github actions"

How It Works

Detect project type

Check for: package.json (Node), pyproject.toml (Python), Dockerfile (Docker).

Node.js CI Template

name: CI
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with: { node-version: "20" }
      - run: npm ci
      - run: npm test

Python CI Template

name: Python CI
on: [push, pull_request]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with: { python-version: "3.12" }
      - run: pip install -r requirements.txt
      - run: pytest

Tips

  • Use actions/checkout@v4 not @v4.2.0
  • Use npm ci not npm install for reproducibility
  • Store secrets in GitHub Secrets

Comments

Loading comments...