Security Scan
OpenClaw
Safe
high confidence
This is an instruction-only deployment helper that is internally consistent with its stated purpose: it reads a repo, adapts docker-compose, and generates GitHub Actions and .env.example for xCloud — it does not ask for unrelated credentials or install code on the agent.
Assessment and Recommendations
This skill appears coherent and focused on adapting docker-compose and producing GitHub Actions for xCloud. Before you use it: 1) Review any generated GitHub Actions workflow before committing — it will push images to GHCR and optionally call an xCloud webhook; ensure the webhook URL and any secrets are trustworthy. 2) Do not commit real secrets (.env) to the repo; the skill correctly advises generating .env.example and storing secrets in GitHub secrets or xCloud UI. 3) If you make GHCR packages...
✓ Purpose and Capabilities
The skill's name/description (xCloud Docker deployment, stack detection, Dockerfile/compose/GHA generation) matches the files present and the runtime instructions. There are no unrelated required binaries, config paths, or credentials requested. Templates and references (Dockerfiles, compose templates, GitHub Actions workflow) are directly relevant to the stated goal.
✓ Instruction Scope
SKILL.md instructs the agent to scan the project directory, detect stack signals, and produce modified docker-compose.yml, GitHub Actions workflows, and .env.example — all within the deployment scope. The agent is expected to read repository files (DETECT.md, compose, Dockerfile, package/composer/requirements files) which is appropriate for this task. The only network-related actions are in generated CI templates (e.g., docker login, optional curl to xCloud webhook) which run in GitHub Actions or on xCloud, not by the skill itself.
✓ Install Mechanism
No install spec or executable code is provided; this is instruction-only. There are no download/install steps that would fetch arbitrary code or write binaries to disk. That minimizes installation risk.
ℹ Credential Requirements
The skill itself declares no required environment variables or primary credential — appropriate for an instruction-only skill. Generated artifacts reference standard CI secrets (GITHUB_TOKEN, optional XCLOUD_DEPLOY_WEBHOOK) and expect repo secrets to be added by the user; this is reasonable for the workflow but users should be aware the generated workflows will use GitHub secrets and may ask them to make GHCR packages public or add the xCloud webhook secret.
✓ Persistence and Privileges
The skill does not request permanent inclusion (always:false) and does not modify other skills or system-wide agent settings. It merely provides instructions and templates to be applied by the agent or user.
Security is layered; review the code before running.
Runtime Dependencies
No special dependencies
Version
latest v1.2.1 2026/3/3
v1.2.1: Sync — updated CHANGELOG, README badge, skill.json + skillsmp.yml all pinned to 1.2.0; all PRs merged and closed.
● Suspicious
Install Command
Official: npx clawhub@latest install xcloud-docker-deploy
Mirror (accelerated): npx clawhub@latest install xcloud-docker-deploy --registry https://cn.longxiaskill.com