安全扫描
OpenClaw
安全
high confidenceThis is an instruction-only skill that simply provides example gh CLI commands and does not request extra environment variables, installs, or other privileges—its requirements are coherent with its stated purpose.
评估建议
This skill is an examples-only guide for using the GitHub 'gh' CLI. Before installing or enabling it, make sure the agent environment actually has the 'gh' CLI installed and authenticated with a GitHub account or token. Be aware that any gh-authenticated credentials available to the agent determine what repositories/actions the skill can access—limit the token scope to the minimum necessary and only grant access to accounts/repos you trust. Because the skill runs shell-style gh commands, avoid e...详细分析 ▾
✓ 用途与能力
The skill's name and description match the SKILL.md content: it instructs use of the GitHub 'gh' CLI (issues, PRs, runs, gh api). It does not ask for unrelated credentials or binaries.
✓ 指令范围
All runtime instructions are specific gh CLI invocations (gh pr, gh run, gh api, gh issue). They remain within the stated purpose and do not direct the agent to read arbitrary local files, environment variables, or to transmit data to external endpoints outside GitHub.
✓ 安装机制
There is no install spec and no code files. This is the lowest-risk model for an instruction-only skill.
ℹ 凭证需求
The skill declares no required env vars or credentials, which is reasonable for an instruction-only gh helper. However, effective use requires the 'gh' CLI to be installed and authenticated in the agent environment (e.g., gh auth login or GITHUB_TOKEN); the SKILL.md does not mention authentication or token scope, so users should ensure their gh credentials are present and appropriately scoped.
✓ 持久化与权限
always is false and there is no install step or self-modifying behavior. The skill does not request persistent presence or elevated system privileges.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/1/5
● 无害
安装命令 点击复制
官方npx clawhub@latest install github
镜像加速npx clawhub@latest install github --registry https://cn.clawhub-mirror.com
技能文档
Use the gh CLI to interact with GitHub. Always specify --repo owner/repo when not in a git directory, or use URLs directly.
Pull Requests
Check CI status on a PR:
gh pr checks 55 --repo owner/repo
List recent workflow runs:
gh run list --repo owner/repo --limit 10
View a run and see which steps failed:
gh run view --repo owner/repo
View logs for failed steps only:
gh run view --repo owner/repo --log-failed
API for Advanced Queries
The gh api command is useful for accessing data not available through other subcommands.
Get PR with specific fields:
gh api repos/owner/repo/pulls/55 --jq '.title, .state, .user.login'
JSON Output
Most commands support --json for structured output. You can use --jq to filter:
gh issue list --repo owner/repo --json number,title --jq '.[] | "\(.number): \(.title)"'
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制