← Back to Skills Marketplace
371
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install gitea-actions
Description
Trigger workflows, list runs, and get status for Gitea/Forgejo Actions workflows using owner, repo, and workflow details via API.
README (SKILL.md)
Gitea Actions
Trigger and query Gitea/Forgejo Actions workflows.
Environment Variables
GITEA_URL- Gitea API URL (e.g.,http://8.137.50.76:10000)GITEA_TOKEN- Gitea API token
Usage
node -e "
const gitea = require('~/.openclaw/skills/gitea-actions/index.js');
// Trigger workflow
gitea({ action: 'dispatch', owner: 'gg', repo: 'web3-mini-game', workflow: 'deploy-vercel.yml', ref: 'master' })
// List runs
gitea({ action: 'runs', owner: 'gg', repo: 'web3-mini-game' })
// Get run status
gitea({ action: 'run', owner: 'gg', repo: 'web3-mini-game', runId: 123 })
"
Actions
| Action | Description |
|---|---|
| dispatch | Trigger a workflow dispatch |
| runs | List workflow runs |
| run | Get single run status |
Inputs
| Field | Type | Required | Description |
|---|---|---|---|
| action | string | ✅ | dispatch, runs, or run |
| owner | string | ✅ | Repository owner |
| repo | string | ✅ | Repository name |
| workflow | string | ❌ | Workflow file (for dispatch/runs) |
| ref | string | ❌ | Git ref (default: master) |
| runId | number | ❌ | Run ID (for run action) |
Usage Guidance
This skill appears to do what it says: call Gitea Actions endpoints. Before installing, confirm the developer updates the registry metadata to declare GITEA_URL and GITEA_TOKEN and documents the need for the system 'curl' binary (or replace curl with a Node HTTP call). Only provide a Gitea token that has the minimum permissions (dispatch/list/read runs) and point GITEA_URL to a trusted instance. If you already set a token for testing and you don't trust the source, consider rotating/revoking it after use. When in doubt, ask the author to explain why metadata omits required env vars and to remove or explain the example IP in SKILL.md.
Capability Analysis
Type: OpenClaw Skill
Name: gitea-actions
Version: 0.1.0
The skill is designed to interact with Gitea/Forgejo Actions. It uses `node:child_process.spawn` to execute `curl` commands, but arguments are passed as an array, and user-controlled inputs (like owner, repo, workflow) are properly URL-encoded or JSON-stringified before being included in the `curl` command or its body. This prevents shell injection vulnerabilities. Sensitive environment variables (`GITEA_URL`, `GITEA_TOKEN`) are accessed as required for the skill's functionality and are not exfiltrated. The `SKILL.md` file contains no prompt injection attempts or instructions for the agent to perform malicious actions. The code aligns with its stated purpose without exhibiting malicious intent or significant vulnerabilities.
Capability Assessment
Purpose & Capability
The skill's name/description (trigger/query Gitea/Forgejo Actions) matches what the code does: it constructs Gitea API URLs and calls them. However the registry metadata claims no required environment variables or credentials, while both SKILL.md and index.js require GITEA_URL and GITEA_TOKEN. That mismatch is an incoherence you should resolve before trusting the skill.
Instruction Scope
SKILL.md instructs running the bundled index.js from ~/.openclaw/skills and documents the two env vars the code needs. The runtime instructions stay within the stated purpose (only call the specified Gitea API endpoints). One omission: the docs do not mention that the code invokes the system curl binary, so a user might be surprised if curl is missing or behaves unexpectedly.
Install Mechanism
This is instruction-only with no install spec, so nothing is downloaded or installed by the skill itself. That lowers installation risk.
Credentials
The code requires GITEA_URL and GITEA_TOKEN (sensible and proportionate for interacting with a Gitea API). But the skill registry metadata lists no required env vars and no primary credential — a clear inconsistency. Also the SKILL.md example uses an IP address (http://8.137.50.76:10000) which could be an innocuous example, but you should verify you are pointing the token to your intended Gitea instance before providing credentials.
Persistence & Privilege
The skill does not request persistent presence (always: false) and does not modify agent/system configuration. It runs only when invoked and does not enable autonomous elevation of privileges beyond normal skill invocation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gitea-actions - After installation, invoke the skill by name or use
/gitea-actions - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release.
- Add ability to trigger Gitea/Forgejo Actions workflows remotely.
- Support listing workflow runs for a repository.
- Enable querying the status of a single workflow run.
- Usage requires setting GITEA_URL and GITEA_TOKEN environment variables.
- Actions available: dispatch, runs, and run.
Metadata
Frequently Asked Questions
What is Gitea Actions?
Trigger workflows, list runs, and get status for Gitea/Forgejo Actions workflows using owner, repo, and workflow details via API. It is an AI Agent Skill for Claude Code / OpenClaw, with 371 downloads so far.
How do I install Gitea Actions?
Run "/install gitea-actions" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gitea Actions free?
Yes, Gitea Actions is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Gitea Actions support?
Gitea Actions is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gitea Actions?
It is built and maintained by Tom (@qizhou-guo); the current version is v0.1.0.
More Skills