首页龙虾技能列表 › DevOps Bridge — 技能工具

DevOps Bridge — 技能工具

v1.0.0

[自动翻译] Unified developer operations bridge connecting GitHub, CI/CD (GitHub Actions), Slack, Discord, and issue trackers (Linear, Jira, GitHub Issues) into c...

0· 750·7 当前·7 累计
by @ariktulcha (Arik Tulchinsky)·MIT-0
下载技能包
License
MIT-0
最后更新
2026/4/11
安全扫描
VirusTotal
可疑
查看报告
OpenClaw
可疑
high confidence
The skill's description matches a DevOps bridge, but the runtime instructions expect access to many external tools and credentials while the declared requirements list none — plus a prompt-injection pattern was detected — so the package is internally inconsistent and needs clarification before use.
评估建议
This skill's described functionality legitimately needs GitHub, messaging, and issue-tracker credentials and CLIs, but the registry entry declares none — that's the main red flag. Before installing or using it, ask the publisher for: (1) an explicit list of required credentials and the expected auth flows (prefer OAuth or temporary tokens, not pasting secrets into chat); (2) where configuration and any tokens will be stored, how long they persist, and whether they're encrypted; (3) evidence of t...
详细分析 ▾
用途与能力
The skill claims to connect GitHub, CI, Slack/Discord, Linear, Jira, etc., which legitimately requires network access and service credentials. However, the registry metadata declares no required environment variables, no primary credential, and no required binaries, while SKILL.md explicitly lists 'gh' CLI and messaging/issue-tracker credentials as required. This mismatch is disproportionate and incoherent: a bridge like this should declare the specific credentials and tools it needs.
指令范围
SKILL.md instructs the agent to scan repos (including 'all repos I have push access to'), fetch CI logs, link PRs to issues, post messages to Slack/Discord, and interactively gather configuration. Those actions require access to account-level data and service tokens. The instructions also say to store configuration in workspace memory and propose cron jobs. The runtime instructions therefore go beyond a simple read-only helper and could access or persist sensitive tokens or repo data — but the skill does not declare or constrain that access. A unicode-control-chars prompt-injection pattern was also detected inside SKILL.md, which suggests the file attempted to embed tricky characters; that is suspicious in an instructions-only document.
安装机制
There is no install spec and no code files (instruction-only), which reduces file-execution risk. However, SKILL.md depends on external CLIs (gh, optional Linear CLI) and APIs; the skill does not provide an installer or declare these binaries in registry metadata. The lack of an install step is low-risk by itself but the mismatch between declared requirements and the documented 'Required Tools' is a coherence issue.
凭证需求
The skill will need multiple service credentials (GitHub token, Slack/Discord bot token or webhook, Linear/Jira API tokens) to implement its features, but requires.env is empty and no primary credential is declared. That absence is disproportionate and makes it unclear how credentials will be supplied or stored. The instructions' expectation that the agent can access 'all repos I have push access to' implies broad GitHub permissions; the user should not paste or expose long-lived tokens into chat unless they understand where and how they are stored.
持久化与权限
always:false (normal). SKILL.md instructs storing configuration in workspace memory and scheduling cron prompts; persisting mappings (e.g., GitHub→Slack handles), schedules, and possibly tokens is expected for functionality. The document does not specify retention, encryption, or scope of persisted data — the user should confirm where workspace memory is stored and whether tokens/configuration persist after uninstalling. Autonomous invocation is allowed by default; this increases blast radius only if credentials are provided.
安全有层次,运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发,无需署名。

运行时依赖

无特殊依赖

版本

latestv1.0.02026/2/15

🚀 Initial release v1.0.0 Cross-tool developer operations bridge connecting: - GitHub PRs, issues, and repository activity - CI/CD pipelines (GitHub Actions) with failure analysis - Slack/Discord notifications with full context - Linear, Jira, and GitHub Issues sync Features: - Smart CI failure notifications — shows failing test, last passing commit, and linked issue - PR review lifecycle tracking with escalating reminders (24h, 48h, 72h) - Flaky test detection across PRs - Auto-sync issue status when PRs merge - Daily dev standup summary generation - Team username mapping (GitHub → Slack/Discord @mentions) - Cron support for morning digest, afternoon review reminders, EOD CI report - Monorepo aware — groups notifications by directory/team The missing link between your dev tools. One skill replaces tab-switching between GitHub, Slack, and your issue tracker.

● 可疑

安装命令 点击复制

官方npx clawhub@latest install devops-bridge
镜像加速npx clawhub@latest install devops-bridge --registry https://cn.clawhub-mirror.com

技能文档

The missing link between your dev tools. This skill connects GitHub, CI/CD, Slack/Discord, and issue trackers into workflows that actually make sense — so you stop context-switching between 6 browser tabs.

Why This Exists

Developers already use separate skills for GitHub, Slack, etc. But nobody has built the bridge: when CI fails, automatically link it to the PR, notify the right Slack channel, and update the ticket. This skill is that bridge.

Core Capabilities

1. Smart Notifications

Transform noisy GitHub events into actionable, context-rich messages. Instead of "Build failed", deliver:

🔴 CI Failed — PR #142 "Add OAuth flow" by @alice
  └─ Test: auth.test.ts:47 — Expected 200, got 401
  └─ Last passing commit: abc1234 (2 hours ago)  
  └─ Linked issue: LINEAR-389 "Implement SSO"
  └─ Action: Reply "fix" to see the failing test, "logs" for full output

When sending notifications, always:

  • Include the PR title and author, not just the number
  • Link to the specific failing test or check, not just "CI failed"
  • Mention the last known good commit for quick bisect context
  • Cross-reference related issues/tickets if they exist
  • Suggest a concrete next action

2. PR Review Management

Track pull request lifecycle across tools:

Review reminders:

  • Scan open PRs daily and flag those waiting for review
  • Escalate based on age: gentle reminder at 24h, stronger at 48h, urgent at 72h+
  • Send reminders to the assigned reviewer via Slack/Discord DM or channel
  • Format:
  👀 Review needed:
  • PR #142 "Add OAuth flow" — waiting 3 days (assigned: @bob)
  • PR #156 "Fix pagination" — waiting 1 day (assigned: @carol)

Review status sync:

  • When a PR gets approved on GitHub, post to the team channel
  • When changes are requested, notify the author directly
  • When all checks pass + approved, prompt: "Ready to merge — want me to merge it?"

3. CI/CD Intelligence

Go beyond "pass/fail" with intelligent CI analysis:

  • Failure grouping: if multiple PRs fail on the same test, flag it as a systemic issue rather than spamming individual notifications
  • Flaky test detection: if a test fails intermittently across PRs, note it: "This test has failed 3 times this week across different PRs — likely flaky"
  • Duration tracking: "This build took 45 min, up from the usual 20 min — something may be wrong"
  • Auto-retry suggestion: for known flaky failures, suggest or trigger a re-run

4. Issue Tracker Sync

Keep issue trackers (Linear, Jira, GitHub Issues) in sync with actual development activity:

  • When a PR references an issue (e.g., "Fixes #123"), update the issue status automatically
  • When a PR is merged, move the linked issue to "Done" or "In Review"
  • When CI fails on a PR linked to an issue, add a comment to the issue noting the blocker
  • Surface orphaned PRs: "PR #167 doesn't reference any issue — should it?"

5. Daily Dev Standup

Generate a team-level development summary on demand or via cron:

🧑‍💻 Dev Standup — [Date]
Merged yesterday:
  • PR #140 "Refactor auth module" by @alice → LINEAR-385 closed
  • PR #143 "Update deps" by @bob
In review:
  • PR #142 "Add OAuth flow" by @alice — 2 approvals, CI passing ✅
  • PR #156 "Fix pagination" by @carol — changes requested by @bob
Blocked:
  • PR #158 "Migrate DB" by @dave — CI failing (migration timeout)
  • Issue LINEAR-402 — no assignee, due tomorrow
CI Health: 87% pass rate (down from 94% last week)
  └─ Flaky: auth.test.ts (failed 4/10 runs)

Configuration

Required Tools

  • gh CLI (GitHub) — for repo activity, PRs, issues, CI status
  • At least one messaging channel configured (Slack, Discord, Telegram)

Optional Tools

  • Linear CLI or API — for Linear issue tracking
  • Jira API — for Jira integration
  • GitHub Issues — works out of the box with gh

Setup Flow

On first use, gather configuration interactively:

  • Which repos to monitor? Ask for a list or use "all repos I have push access to"
  • Where to send notifications? Slack channel, Discord channel, Telegram, or all
  • How aggressive should reminders be? Options: gentle (72h), moderate (48h), aggressive (24h)
  • Include CI details? Some users want full logs, others just pass/fail
  • Who's on the team? Map GitHub usernames to Slack/Discord handles for @mentions

Store configuration in workspace memory for persistence.

Cron Setup

Suggest these default schedules (user can customize):

[
  {
    "name": "Morning dev digest",
    "schedule": "0 9   1-5",
    "prompt": "Generate dev standup summary for my repos"
  },
  {
    "name": "PR review reminder",  
    "schedule": "0 14   1-5",
    "prompt": "Check for PRs waiting for review and send reminders"
  },
  {
    "name": "End of day CI report",
    "schedule": "0 17   1-5",
    "prompt": "Summarize today's CI/CD activity and flag any issues"
  }
]

Command Reference

Users can trigger specific actions with natural language:

User saysAction
"What's happening in my repos?"Full activity summary across all monitored repos
"Any failing builds?"CI status check with details on failures
"Who needs a review?"List PRs awaiting review with age and assignee
"Standup"Generate daily dev standup summary
"Notify #dev-team about PR 142"Send a formatted notification about a specific PR
"Link PR 142 to LINEAR-389"Create cross-reference between PR and issue
"Set up CI alerts for repo X"Configure monitoring for a specific repository
"Merge PR 142"Merge if all checks pass and approved; warn if not

Edge Cases

  • Monorepo: if monitoring a monorepo, group notifications by directory/team, not just by PR
  • Forks: when PRs come from forks, note this clearly (different trust level)
  • Draft PRs: don't send review reminders for draft PRs unless user asks
  • Stale PRs: if a PR has been open >7 days with no activity, suggest closing or rebasing
  • Rate limits: GitHub API has rate limits. Batch requests and cache results within a session
  • No messaging configured: if no Slack/Discord/Telegram, output to the current conversation instead
  • Multiple orgs: if user has repos across multiple GitHub orgs, handle them all but label clearly

Integration Pattern

This skill works best with other installed skills. When detected:

  • github skill: defer raw GitHub operations to it, use devops-bridge for cross-tool logic
  • slack skill: use it for message delivery, devops-bridge composes the messages
  • daily-briefing-hub: feed dev activity data into the morning briefing's "Dev Activity" section
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制

了解定制服务