ClawHub

glab-cli-skill

v1.0.0

Guidance for using the GitLab CLI (`glab`) from the terminal for merge requests, issues, CI/CD pipelines and jobs, repository targeting and inspection, clone...

0· 77·0 current·0 all-time
byWu Fei@wufei-png
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the content: all files are usage guidance for glab (MRs, issues, CI, repo, and api). There are no unrelated binaries, credentials, or external services required beyond normal GitLab usage patterns.
Instruction Scope
SKILL.md and references only instruct glab and git commands, preflight checks, and safe patterns (confirm repo/branch before mutation). Examples that show reading a token from a file or using GITLAB_HOST are appropriate for authentication and self-hosted usage; there are no instructions to read arbitrary user files or exfiltrate data.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill does not declare required env vars or credentials. It sensibly references common runtime variables (GITLAB_HOST) and token usage patterns (glab auth --stdin / --token) which are appropriate and expected for a GitLab CLI guide.
Persistence & Privilege
always is false, the skill is user-invocable and does not request persistent system presence or modification of other skills or system-wide configs.
Assessment
This is an instruction-only help pack for the official glab CLI and appears coherent. Before using it, remember: the guidance includes commands that can mutate repositories (create/merge/close, push, run CI) — always confirm target repo/branch and credentials before running destructive commands. Treat any token files referenced (myaccesstoken.txt) as sensitive; don't paste secret tokens into untrusted UIs or store them in publicly readable files. If you need automatic execution, review the exact commands the agent will run and grant only the minimum token scopes required (api / write_repository as documented).

Like a lobster shell, security has layers — review code before you run it.

latestvk97agdmasepars36n9h8561enx83njgt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments