ClawHub

Bitbucket Automation

v0.1.0

Automate Bitbucket repositories, pull requests, branches, issues, and workspace management via Rube MCP (Composio). Always search tools first for current schemas.

1· 1.8k·2 current·2 all-time
by@sohamganatra
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The name/description claim Bitbucket automation via Rube MCP and the SKILL.md exclusively describes Rube MCP tool calls (RUBE_SEARCH_TOOLS, RUBE_MANAGE_CONNECTIONS, BITBUCKET_*). There are no unrelated env vars, binaries, or install steps, so required capabilities match the stated purpose.
Instruction Scope
Instructions do not ask the agent to read local files or secret env vars; they explicitly require calling Rube MCP tool endpoints and following an OAuth flow returned by RUBE_MANAGE_CONNECTIONS. This is within scope for a remote-tooling integration but means sensitive Bitbucket OAuth tokens and repository operations will be handled by the Rube MCP service rather than locally.
Install Mechanism
No install spec and no code files are present (instruction-only), so nothing is written to disk. The only setup guidance is to add the MCP endpoint (https://rube.app/mcp) to client configuration, which is a configuration/network step rather than an installer.
Credentials
The skill declares no environment variables or credentials and relies on Rube-managed connections and OAuth for Bitbucket access. That is proportionate for a tool that delegates auth to an external MCP. However, the SKILL.md's statement 'No API keys needed' may understate that an OAuth flow (and resulting tokens) is required and will be handled by the MCP.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-level privileges. It does not modify other skills' configs and has no install-time persistence behavior.
Assessment
This skill appears coherent: it instructs the agent to use a third‑party Rube MCP (rube.app) to perform Bitbucket operations and does not request local secrets or installs. Before installing, confirm you trust the Rube MCP operator and the domain (rube.app) because OAuth tokens and repository actions will be routed through that service. Pay attention to destructive actions documented (repository and issue deletions, repo-create/delete) and ensure scopes granted during the OAuth flow are limited. If you prefer keeping credentials/local control, use a skill that calls Bitbucket APIs directly under your own credentials instead of a third‑party MCP.

Like a lobster shell, security has layers — review code before you run it.

latestvk972yja2kqryqhj4qp8ggpp8nx80n9qv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments