← Back to Skills Marketplace
Github Bounty Finder
by
lvjunjie-byte
· GitHub ↗
· v1.0.0
· MIT-0
191
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install github-bounty-finder-cn
Description
Scan GitHub and Algora bounties to find high-value, low-competition opportunities with automated scoring and actionable recommendations.
README (SKILL.md)
GitHub Bounty Finder Skill
🎯 Find high-value GitHub and Algora bounties with automated competition analysis
Description
GitHub Bounty Finder is a powerful scanning tool that helps developers discover lucrative bounty opportunities on GitHub and Algora. It automatically analyzes competition levels, scores opportunities, and provides actionable recommendations.
Features
- 🔍 Multi-Platform Scanning: Scan both GitHub Issues and Algora bounties
- 📊 Competition Analysis: Analyze PR counts, comments, and engagement
- 🎯 Smart Filtering: Auto-filter low-competition, high-value opportunities
- 💰 Opportunity Scoring: 0-100 scoring algorithm based on value, competition, and freshness
- 🤖 Automated Recommendations: Get actionable insights for each bounty
- 📈 Pricing Intelligence: Market-based pricing recommendations
Installation
# Install via clawhub
clawhub install github-bounty-finder
# Or install manually
cd skills/github-bounty-finder
npm install
Configuration
Create a .env file in the skill directory:
GITHUB_TOKEN=your_github_personal_access_token
ALGORA_API_KEY=your_algora_api_key
Getting API Keys
-
GitHub Token:
- Go to GitHub Settings → Developer settings → Personal access tokens
- Create a token with
public_reposcope
-
Algora API Key:
- Visit https://algora.io/settings/api
- Generate a new API key
Usage
Basic Scan
github-bounty-finder scan
Advanced Options
# Custom search query
github-bounty-finder scan --query "bug bounty"
# Set minimum bounty amount
github-bounty-finder scan --min-bounty 500
# Limit competition (max comments)
github-bounty-finder scan --max-competition 3
# GitHub only
github-bounty-finder scan --github-only
# Save results to file
github-bounty-finder scan --output results.json
Demo Mode
github-bounty-finder demo
Check Configuration
github-bounty-finder config
Output Format
The scanner returns structured data:
{
"bounties": [
{
"id": 123,
"title": "Fix memory leak",
"url": "https://github.com/...",
"bountyAmount": 1500,
"comments": 0,
"score": 95,
"competitionLevel": "None",
"recommendedAction": "🔥 HIGH PRIORITY - Apply immediately"
}
],
"totalFound": 25,
"highPriority": 5,
"goodOpportunities": 12,
"pricingRecommendation": {
"recommendedPrice": 149,
"currency": "USD",
"billingCycle": "monthly"
}
}
Opportunity Scoring Algorithm
Scores are calculated based on:
-
Bounty Value (0-30 points): Higher bounties score better
- $1000+: +30 points
- $500+: +20 points
- $200+: +10 points
-
Competition Level (0-40 points): Less competition is better
- 0 comments: +40 points
- 1-2 comments: +30 points
- 3-5 comments: +20 points
- 6-10 comments: +10 points
-
Freshness (0-20 points): Newer is better
- ≤3 days: +20 points
- ≤7 days: +15 points
- ≤14 days: +10 points
- ≤30 days: +5 points
Pricing Strategy
Recommended Price: $149/month
Justification:
- Average bounty value: $500-2000
- Time saved: 10-20 hours/week on manual searching
- ROI: One successful bounty covers 3-6 months subscription
- Target market: Professional developers, bounty hunters, OSS contributors
Expected Revenue: $3,000-8,000/month
- Conservative: 20 subscribers × $149 = $2,980/month
- Target: 50 subscribers × $149 = $7,450/month
- Optimistic: 100 subscribers × $149 = $14,900/month
Integration Examples
Node.js
const BountyScanner = require('github-bounty-finder');
const scanner = new BountyScanner({
minBounty: 200,
maxCompetition: 5
});
const results = await scanner.scan({
github: true,
algora: true,
limit: 100
});
console.log(`Found ${results.highPriority} high-priority bounties!`);
CLI Automation
# Daily scan with cron
0 9 * * * github-bounty-finder scan --min-bounty 500 --output /path/to/results.json
Troubleshooting
API Rate Limits
If you hit GitHub API rate limits:
- Use authenticated requests (set GITHUB_TOKEN)
- Reduce scan frequency
- Increase delay between requests
No Results Found
- Lower your
--min-bountythreshold - Increase
--max-competitionlimit - Try different search queries
License
MIT
Support
For issues and feature requests, visit the GitHub repository.
Made with 🐉 by OpenClaw Skills
Usage Guidance
What to check before installing: 1) Confirm the author/repository (the registry metadata lists a GitHub repo but owner/publish details are sparse). 2) Don't provide long-lived or broad-scope tokens — create a GitHub token with only the public_repo scope if possible and rotate it after use; verify Algora key scope. 3) Because the registry metadata did not declare required env vars or an install step, assume you'll need to run npm install in the skill folder — review package.json dependencies and run npm audit. 4) Inspect src/scanner.js (it only calls api.github.com and api.algora.io via axios) and verify there are no additional remote endpoints; run the tool first in demo mode to verify behavior before supplying credentials. 5) Prefer running in an isolated environment (container/VM) if you must supply secrets. 6) Ask the publisher to fix the registry metadata to explicitly list required env vars and provide a verified source URL — that fixes the main transparency issue and would raise confidence.
Capability Analysis
Type: OpenClaw Skill
Name: github-bounty-finder-cn
Version: 1.0.0
The skill is a functional bounty scanner for GitHub and Algora that uses standard APIs to identify and score open issues based on value and competition. The code in `src/scanner.js` and `bin/cli.js` is transparent, handles secrets via environment variables, and lacks any evidence of data exfiltration, obfuscation, or malicious execution. While the documentation (SKILL.md, README.md, and RELEASE.md) contains extensive marketing and pricing strategy content suggesting a high-value subscription model, these are purely informational and do not contain prompt injection attacks or harmful instructions for the AI agent.
Capability Assessment
Purpose & Capability
The code and SKILL.md clearly require a GITHUB_TOKEN and ALGORA_API_KEY to perform scans, which is coherent with the stated purpose. However, the registry metadata lists no required env vars or primary credential — that omission is inconsistent and could mislead users about what secrets are needed.
Instruction Scope
SKILL.md and the CLI instruct the user to create a .env containing GITHUB_TOKEN and ALGORA_API_KEY and the runtime code reads process.env for those keys. The SKILL.md does not ask for or instruct any other unrelated data access, but the skill documentation references env vars that are not declared in the package/registry metadata — this mismatch is a scope/visibility problem that reduces transparency.
Install Mechanism
There is no ClawHub install spec in the registry (skill said to be 'instruction-only'), but the package includes Node source and a package.json with npm dependencies (axios, node-fetch, dotenv, etc.). Installation will require running npm install (no remote archive downloads observed). It's relatively low technical risk but the lack of install metadata is an inconsistency users should be aware of.
Credentials
The skill legitimately needs GitHub and Algora API credentials to function. However, the registry metadata does not declare those required env vars or a primary credential, and the code expects full tokens in process.env. Ensure tokens are limited-scope (e.g., GitHub public_repo only) and you understand where they will be stored (.env in skill directory).
Persistence & Privilege
The skill is not always-enabled and does not request elevated system-wide privileges. It does not attempt to modify other skills or system configuration. Autonomous invocation is allowed (default), which is expected for skills of this type.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install github-bounty-finder-cn - After installation, invoke the skill by name or use
/github-bounty-finder-cn - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of GitHub Bounty Finder.
- Scans GitHub Issues and Algora bounties for high-value opportunities.
- Automatically analyzes competition, scores bounties, and gives actionable recommendations.
- Supports smart filtering, pricing intelligence, and structured output.
- Includes CLI and Node.js integration examples.
- Provides detailed configuration, usage instructions, and pricing strategy.
Metadata
Frequently Asked Questions
What is Github Bounty Finder?
Scan GitHub and Algora bounties to find high-value, low-competition opportunities with automated scoring and actionable recommendations. It is an AI Agent Skill for Claude Code / OpenClaw, with 191 downloads so far.
How do I install Github Bounty Finder?
Run "/install github-bounty-finder-cn" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Github Bounty Finder free?
Yes, Github Bounty Finder is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Github Bounty Finder support?
Github Bounty Finder is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Github Bounty Finder?
It is built and maintained by lvjunjie-byte (@lvjunjie-byte); the current version is v1.0.0.
More Skills