Security scan
OpenClaw
Safe (high confidence)
The skill's code, instructions, and requested secrets align with its stated GitHub-management purpose and don't request unrelated access.
Assessment recommendations
This skill appears to do exactly what it says: interact with GitHub using your Personal Access Token and username. Before installing:
1) Review and run the included code locally if possible to confirm behavior.
2) Create a token with the minimal scopes you need (avoid full 'repo' if you only need read access).
3) Prefer storing secrets in your platform's secret manager rather than long-lived shell variables on shared machines.
4) Rotate the token if you ever suspect compromise.
5) Note that a to...
Detailed analysis
✓ Purpose and capabilities
Name, description, SKILL.md, and code (api.js / index.js) all implement GitHub operations (list repos, CI, issues, PRs, create repo, search, commits). Required env vars and config keys (GITHUB_TOKEN, GITHUB_USERNAME, github.token, github.username) are directly used by the code to authenticate to api.github.com. There are no unrelated credentials, binaries, or config paths requested.
✓ Instruction scope
SKILL.md limits runtime actions to setting credentials, restarting the gateway, and using the skill to call GitHub APIs. The instructions do not direct the agent to read unrelated files, exfiltrate data to third-party endpoints, or perform system-wide discovery. The README and SKILL.md warn about protecting the PAT.
✓ Installation mechanism
No install spec downloads arbitrary code from external URLs; the package is instruction/code-only and contains standard JS files. No brew/npm/go installs are requested. The included code will run within the OpenClaw environment without additional installers.
ℹ Credential requirements
The skill requests only GITHUB_TOKEN and GITHUB_USERNAME (and matching config keys), which is proportionate to GitHub operations. Note: the recommended 'repo' scope gives wide access (create/delete repos, modify code/PRs/issues). This scope is consistent with capabilities (create_repo, create_issue, create_pull_request) but users should prefer least-privilege scopes (e.g., public_repo for public-only usage) or a token limited to required actions.
✓ Persistence and permissions
always is false and the skill is user-invocable; it does not request permanent platform-wide privileges or modify other skills. Autonomous invocation is the platform default and not combined with other red flags here.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest: v2.0.1 (2026/2/13)
● Suspicious
Install command
Official: npx clawhub@latest install openclaw-github-assistant
Mirror (accelerated): npx clawhub@latest install openclaw-github-assistant --registry https://cn.clawhub-mirror.com
Skill documentation
Query and manage GitHub repositories directly from your AI assistant.
Capabilities
| Capability | Description |
|---|---|
| list_repos | List your repositories with filters |
| get_repo | Get detailed info about a specific repo |
| check_ci_status | Check CI/CD pipeline status |
| create_issue | Create a new issue in a repo |
| create_repo | Create a new repository |
| search_repos | Search your repositories |
| get_recent_activity | Get recent commits |
Usage
You: List my Python repos
Bot: [lists your Python repositories]
You: Check CI status on my main project
Bot: [shows CI/CD status]
You: Create an issue about the bug
Bot: [creates the issue]
Setup
1. Generate GitHub Personal Access Token
- Go to https://github.com/settings/tokens
- Click "Generate new token (classic)"
- Name: openclaw-github-skill
- Scopes: repo (required), read:user (optional)
- Copy the token
2. Configure Credentials
Option A: Environment Variables (Recommended)
Set environment variables before starting OpenClaw:
export GITHUB_TOKEN="ghp_your_token_here"
export GITHUB_USERNAME="your_github_username"
Option B: OpenClaw Config
Add to ~/.openclaw/openclaw.json:
{
  "github": {
    "token": "ghp_your_token_here",
    "username": "your_username"
  }
}
3. Restart OpenClaw
openclaw gateway restart
Security Notes
⚠️ Protect Your Token:
- Never commit your token to git or share it publicly
- Use the minimal required scopes (repo for private repos, public_repo for public-only)
- Rotate your token if you suspect it was compromised
- Consider using a secrets manager for production use
⚠️ Best Practices:
- Don't store tokens in shell profiles (~/.zshrc) on shared machines
- For local development, environment variables are acceptable
- For production, use your platform's secret/credential store
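As an added example (not the skill's own api.js / index.js), the script below resolves credentials the way the Setup section describes, assuming environment variables take precedence over the ~/.openclaw/openclaw.json "github" block, and audits the scopes a classic PAT was granted (the X-OAuth-Scopes response header GitHub returns) against the least-privilege advice in the Security Notes. The scope header strings are constructed inputs, not live API responses.

```javascript
// Added example; not the skill's own api.js / index.js.
// Assumptions: env vars take precedence over ~/.openclaw/openclaw.json,
// the config shape is { "github": { "token", "username" } } as documented,
// and the scope header strings below are constructed samples.

const OPTIONAL_SCOPES = new Set(['read:user']); // optional per the Setup section

// Resolve token and username from the environment first, then the config file.
function resolveGitHubCredentials(env, config) {
  const gh = (config && config.github) || {};
  const token = env.GITHUB_TOKEN || gh.token || null;
  const username = env.GITHUB_USERNAME || gh.username || null;
  if (!token || !username) {
    return { ok: false, reason: 'missing token or username' };
  }
  // Reject the documentation placeholder and anything that is not a classic PAT (ghp_ prefix).
  if (token === 'ghp_your_token_here' || !token.startsWith('ghp_')) {
    return { ok: false, reason: 'placeholder or non-classic token' };
  }
  // The token itself is deliberately not returned, so callers cannot log it by accident.
  return { ok: true, username, source: env.GITHUB_TOKEN ? 'env' : 'config' };
}

// Parse the X-OAuth-Scopes header GitHub sends for classic PATs, e.g. "repo, read:user".
function parseScopes(header) {
  return (header || '').split(',').map((s) => s.trim()).filter(Boolean);
}

// Compare granted scopes with the skill's need. needPrivate=false means the user
// only works with public repositories, so public_repo is sufficient and the
// broader repo scope is reported as excess.
function auditScopes(header, needPrivate) {
  const granted = parseScopes(header);
  const required = needPrivate ? 'repo' : 'public_repo';
  // repo is a superset of public_repo, so it satisfies a public-only need.
  const satisfied = granted.includes(required) || (!needPrivate && granted.includes('repo'));
  const excess = granted.filter((s) => s !== required && !OPTIONAL_SCOPES.has(s));
  return { satisfied, missing: satisfied ? [] : [required], excess };
}

// Demo with constructed inputs: env-provided token, public-only use, over-scoped PAT.
function demo() {
  const creds = resolveGitHubCredentials(
    { GITHUB_TOKEN: 'ghp_constructedsample', GITHUB_USERNAME: 'example-user' }, null);
  const audit = auditScopes('repo, read:user, delete_repo', false);
  return { creds, audit };
}
console.log(JSON.stringify(demo(), null, 2));
```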
Rate Limits
- Unauthenticated requests: 60/hour
- Authenticated requests: 5,000/hour
Requirements
- OpenClaw gateway running
- GitHub Personal Access Token with appropriate scopes
Source: ClawHub · Chinese localization: 龙虾技能库