GitHub Development Standard
v2.0.0完整的 GitHub 项目开发标准流程 - 9步流程 + 4层验证 + 15项验收清单
⭐ 0· 402·1 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill is a GitHub development standard (checklist and workflow). The SKILL.md content (9-step workflow, validation layers, checklist, and gh CLI examples) directly matches the name and description; there are no unrelated requirements or unexpected capabilities declared.
Instruction Scope
Instructions are focused on code-change discipline: reading issues, small diffs, syntax/import/tests, and using GitHub CLI for issue operations. They reference running python compile/import/tests and gh commands against a repo. This is appropriate, but the examples assume access to the project files and an authenticated gh CLI; the skill does not attempt to read unrelated system paths or exfiltrate data.
Install Mechanism
No install spec and no code files; the skill is instruction-only, which minimizes installation risk. It does include example commands that rely on existing tools (python, pytest, gh), but it does not install anything itself.
Credentials
The skill declares no required environment variables or credentials, which is reasonable for a guidance document. However, using the gh CLI in practice requires authentication (gh auth) or credential material outside the skill; the skill does not request or handle secrets itself. There are no disproportionate or unexplained credential requests in the skill bundle.
Persistence & Privilege
always is false and there are no install hooks or requests to modify other skills or system-wide settings. The skill does not request persistent presence or elevated privileges.
Assessment
This is a guidance/checklist skill — it doesn't contain code or ask for secrets. Before using: (1) review the linked GitHub repo if you want to trust the origin; (2) understand that examples call local commands (python, pytest, gh) and assume you run them in the target repository — they won't run by themselves; (3) the gh CLI requires authentication, but the skill doesn't request tokens — do not paste tokens or secrets into chat. If you allow an autonomous agent to act, be aware it could execute similar commands on your filesystem or against repositories it can access, so ensure it's pointed at the intended repo and that no sensitive data is present.Like a lobster shell, security has layers — review code before you run it.
developmentvk979p7rh4xh51s9mdam9ygb21182tzmegithubvk979p7rh4xh51s9mdam9ygb21182tzmelatestvk97d4d2269ec5jer07sxy6ntn9833wwcqualityvk979p7rh4xh51s9mdam9ygb21182tzmestandardvk979p7rh4xh51s9mdam9ygb21182tzmeworkflowvk979p7rh4xh51s9mdam9ygb21182tzme
License
MIT-0
Free to use, modify, and redistribute. No attribution required.