← Back to Skills Marketplace

repo-scout

Name: repo-scout
Author: sliverp

by Bijin · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

114

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install repo-scout

Description

Discover, evaluate, and rank GitHub repositories in any ecosystem or domain. Produces a structured ranking document with star counts, languages, issue health...

Usage Guidance

What to consider before installing and running repo-scout: - The SKILL.md asks you to use an authenticated GitHub CLI or provide a GH_TOKEN; the skill manifest did not declare this. Treat that as a manifest bug and exercise caution. - Only provide a GitHub token with the minimal scopes needed (read-only repo access or fine-grained token scoped to public repositories). Do NOT supply a full org-admin or write-scoped token. - Prefer authenticating gh locally (gh auth login) rather than pasting a token into a UI or environment that you don't control. If you must export GH_TOKEN, do so in a temporary shell and revoke the token after use. - Review the generated {workspace}/ecosystem-top{N}.md before using downstream workflows. The skill will run gh and fetch repo files; verify outputs for sensitive info before sharing. - Ask the skill author/registry maintainer to update the manifest to declare required binaries (gh) and required env vars (GH_TOKEN) so the platform can surface the requirement transparently. - Because this is instruction-only (no install code), the immediate code risk is low, but the undeclared credential requirement is the main concern. If you need higher assurance, request the author to provide an explicit list of required gh scopes and to confirm the skill will not transmit the token elsewhere.

Capability Analysis

Type: OpenClaw Skill Name: repo-scout Version: 1.0.0 The 'repo-scout' skill is a legitimate tool designed to discover and rank GitHub repositories based on contribution friendliness. It uses the standard GitHub CLI (`gh`) for data collection and produces a structured markdown report in the workspace, with no evidence of malicious execution, data exfiltration, or prompt injection (SKILL.md).

Capability Assessment

⚠ Purpose & Capability

The SKILL.md explicitly requires an authenticated GitHub CLI (gh) and suggests providing a GH_TOKEN; however, the registry metadata declares no required binaries, no required environment variables, and no primary credential. That is an internal inconsistency: a GitHub token and gh binary are legitimate for the skill's purpose, but they should be declared by the manifest.

ℹ Instruction Scope

Instructions stay within the stated purpose: searching GitHub, inspecting repo files (CONTRIBUTING.md, .github/workflows), running gh issue commands, and writing a ranking markdown into the workspace. They do ask the user to provide or export a GH_TOKEN and GitHub username if CLI auth is not present. There are no instructions to read unrelated local files or exfiltrate data to unexpected endpoints.

✓ Install Mechanism

This is an instruction-only skill with no install spec and no code files, which is low-risk from an installation payload perspective.

⚠ Credentials

The runtime needs a GitHub token (GH_TOKEN) and an authenticated gh CLI to avoid rate limits and access private data, but the manifest did not declare these environment or credential requirements. Requesting a token is proportional to the functionality, but the undeclared credential is a transparency/manifest issue and increases risk if users supply a token with overly broad scopes.

✓ Persistence & Privilege

The skill does not request 'always' presence, does not modify other skills, and only writes an output file to the workspace as described. Autonomous invocation is allowed by default but not combined with other privilege red flags here.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install repo-scout
After installation, invoke the skill by name or use /repo-scout
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial public release of repo-scout. - Discover, evaluate, and rank GitHub repositories by ecosystem or domain. - Produces a structured markdown report with star counts, languages, issue health, and contribution friendliness scores. - Supports advanced scoring: considers bugs, contribution docs, CI/CD, community size, and PR responsiveness. - Includes workflow to define search criteria, systematically collect data, rank, and filter repositories. - Enables easy identification of top open-source projects and skipping of unsuitable candidates.

Metadata

Slug repo-scout

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is repo-scout?

Discover, evaluate, and rank GitHub repositories in any ecosystem or domain. Produces a structured ranking document with star counts, languages, issue health... It is an AI Agent Skill for Claude Code / OpenClaw, with 114 downloads so far.

How do I install repo-scout?

Run "/install repo-scout" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is repo-scout free?

Yes, repo-scout is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does repo-scout support?

repo-scout is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created repo-scout?

It is built and maintained by Bijin (@sliverp); the current version is v1.0.0.

More Skills