← Back to Skills Marketplace
github-helper
by
dandandujie
· GitHub ↗
· v1.0.0
530
Downloads
0
Stars
5
Active Installs
1
Versions
Install in OpenClaw
/install github-helper
Description
Local GitHub repository helper for search, clone, sync, and issue/PR inspection workflows. Use when users mention github/repo/repository, ask to download or...
README (SKILL.md)
GitHub Helper
Overview
管理本地 GitHub 仓库目录,维护可检索知识库,并为仓库检索、克隆、Issue/PR 跟踪提供统一流程。
Local Repository Directory
Default path: /Users/liuchen/Documents/github
This path is referenced in the knowledge base file: @/Users/liuchen/Documents/github/CLAUDE.md
Core Workflows
1. Initialize or Update Knowledge Base
When first using this skill or when user requests an update:
- Check if the github directory exists.
- If not found, ask user for the correct path.
- Scan the directory using
scripts/scan_repos.py. - Update CLAUDE.md using
scripts/update_kb.py.
Example:
# Scan repositories
python3 scripts/scan_repos.py /Users/liuchen/Documents/github
# Update knowledge base (pass repos as JSON)
python3 scripts/update_kb.py /Users/liuchen/Documents/github '[{"name":"repo1","path":"/path","summary":"desc"}]'
2. Search for Repository
When user mentions a repository name:
- Check local first: Read
@/Users/liuchen/Documents/github/CLAUDE.md. - If found locally: Use local path to analyze and answer.
- If not found: Search GitHub using
ghor GitHub MCP tools. - Offer to download: Ask user whether to clone.
3. Download Repository
When user requests to download/clone:
- Clone to the github directory:
cd /Users/liuchen/Documents/github git clone \x3Crepo-url> - After successful clone, update knowledge base:
- Run
scripts/scan_repos.pyto get repo info. - Run
scripts/update_kb.pyto update CLAUDE.md.
- Run
4. GitHub Search Integration
Use gh CLI first, then fall back to GitHub MCP:
Search repositories
gh search repos \x3Cquery> --limit 10
Search issues
gh issue list --repo \x3Cowner/repo> --state all --limit 20
Search PRs
gh pr list --repo \x3Cowner/repo> --state all --limit 20
Answering Repository Questions
- Check whether repository exists in local knowledge base.
- If local, prioritize local code inspection.
- If information is insufficient, query GitHub issues/PRs/releases.
Directory Validation
If /Users/liuchen/Documents/github does not exist:
- Ask user for the correct repository root path.
- Update this SKILL.md path if needed.
- Initialize knowledge base at the new location.
Scripts
scan_repos.py: Scan local repositories and extract summaries.update_kb.py: UpdateCLAUDE.mdwith repository metadata.
Usage Guidance
This skill appears to do what it says: scan a local GitHub folder, optionally call gh/git, clone repos into a local directory and maintain a CLAUDE.md summary file. Before installing or invoking it: (1) confirm or change the default path (/Users/liuchen/Documents/github) so it doesn't access an unexpected directory; (2) ensure git and the gh CLI are installed and that you are comfortable the skill can run clone operations (which write to disk and perform network calls); (3) inspect and run the included scripts manually if you want to verify behavior — they only read README files and write CLAUDE.md, but cloning will bring remote repo contents onto your machine; (4) be cautious if you have sensitive/private repos in the target directory or limited disk/quota; and (5) ask the skill author to clarify the ambiguous instruction about updating SKILL.md (is the agent expected to edit installed skill files?).
Capability Analysis
Type: OpenClaw Skill
Name: github-helper
Version: 1.0.0
The skill is classified as suspicious due to multiple potential shell injection vulnerabilities outlined in `SKILL.md`. The instructions explicitly show direct execution of `git clone <repo-url>` and `gh` CLI commands (e.g., `gh search repos <query>`, `gh issue list --repo <owner/repo>`). If the `<repo-url>`, `<query>`, or `<owner/repo>` arguments are derived from untrusted user input without proper sanitization by the agent, this could lead to arbitrary command execution (RCE). While the Python scripts themselves are benign, the way they are instructed to be called, and especially the `git` and `gh` commands, present a significant security risk.
Capability Assessment
Purpose & Capability
The name, description, SKILL.md and included scripts are coherent: they scan a local GitHub directory and update a CLAUDE.md knowledge file and use git/gh for remote queries. However, SKILL.md explicitly references gh and git and a specific default path (/Users/liuchen/Documents/github) while the skill's metadata declares no required binaries or environment variables — the missing declaration of required CLI tools and the hardcoded user path are minor mismatches that should be clarified.
Instruction Scope
Instructions stay within the stated purpose (scan local repos, optionally call gh/remote search, clone into the local dir, update CLAUDE.md). Two items to note: (1) SKILL.md uses a hardcoded absolute path tied to a particular user account and will read/write files there; (2) the doc says 'Update this SKILL.md path if needed,' which implies editing the skill's documentation/config but no script in the package performs that — this is ambiguous and could grant the agent discretionary modification of skill files if implemented elsewhere.
Install Mechanism
This is instruction-only with small helper scripts included; there is no download/install step, no external archive URLs, and nothing will be written to disk by an installer. The scripts themselves are simple and local.
Credentials
The skill does not request environment variables or credentials. The workflows mention gh (GitHub CLI) and git usage, which are reasonable for a GitHub helper; no unexplained secret access is requested.
Persistence & Privilege
always:false and normal autonomous invocation are set (expected). The skill will read and write files inside the configured repo directory (cloning repos and writing CLAUDE.md). The SKILL.md text suggests updating its own path entry, which would amount to modifying the skill docs/config if acted on — that behavior is not implemented in the provided scripts but should be treated as a potential source of unexpected file edits if the agent is given permission.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install github-helper - After installation, invoke the skill by name or use
/github-helper - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of github-helper for local GitHub repository management.
- Provides workflows to search, clone, sync, and inspect issues/PRs for repositories at `/Users/liuchen/Documents/github`
- Integrates local knowledge base using CLAUDE.md, updated via helper scripts (`scan_repos.py`, `update_kb.py`)
- Uses GitHub CLI (`gh`) for searching repositories, issues, and PRs; falls back to MCP tools if needed
- Supports user prompts for directory validation and repository downloads/cloning
- Prioritizes local inspection for repository questions, with fallback to GitHub queries when needed
Metadata
Frequently Asked Questions
What is github-helper?
Local GitHub repository helper for search, clone, sync, and issue/PR inspection workflows. Use when users mention github/repo/repository, ask to download or... It is an AI Agent Skill for Claude Code / OpenClaw, with 530 downloads so far.
How do I install github-helper?
Run "/install github-helper" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is github-helper free?
Yes, github-helper is completely free (open-source). You can download, install and use it at no cost.
Which platforms does github-helper support?
github-helper is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created github-helper?
It is built and maintained by dandandujie (@dandandujie); the current version is v1.0.0.
More Skills