← Back to Skills Marketplace
324
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install github-pr-manager
Description
GitHub PR 全流程管家。用于自动化管理 Pull Request 的整个生命周期:初始化跟踪、检查 CI 状态、处理 Review 意见、修复 DCO/代码问题、回复评论,直到 PR 合入 main。当用户需要持续跟进 PR 状态、处理 reviewer 反馈、自动化 GitHub 操作时触发此 skill。
README (SKILL.md)
GitHub PR 全流程管家
这个 skill 让你可以像有一个专职 PR 助理一样,自动处理从提交到合入的所有事务。
核心能力
1. PR 初始化与跟踪
当用户提交新 PR 或要求跟踪已有 PR 时:
步骤:
1. 确认仓库名和 PR 号
2. 使用 gh CLI 或浏览器获取 PR 当前状态
3. 创建 memory/pr-tracking.md 记录初始状态
4. 设置 cron 定时检查(默认每 2 小时)
5. 告知用户当前状态和阻塞项
2. CI 状态监控
自动检查并报告:
- DCO 签名状态
- GitHub Actions 检查
- 测试覆盖
- 代码质量检查
DCO 失败自动修复:
cd \x3Crepo-path>
git commit --amend --signoff --no-edit
git push --force-with-lease origin \x3Cbranch>
3. Review 意见处理
当检测到新的 review 时:
步骤:
1. 使用 gh api 获取所有 review 评论
2. 分类整理:必须修复 / 建议修改 / 讨论
3. 对每个必须修复项:
- 如果是代码问题 → 定位并修复
- 如果是流程问题 → 执行(如回复 issue、assign 等)
- 如果是问题讨论 → 准备回复
4. 提交修复并回复 reviewer
4. 评论自动回复
常见场景的自动回复模板:
| 场景 | 回复模板 |
|---|---|
| 已修复问题 | "@reviewer Fixed in commit \x3Chash>. Thanks for the review!" |
| 需要澄清 | "@reviewer Could you elaborate on ...? I want to make sure I understand correctly." |
| 已处理 issue assign | "@maintainer Done! I've replied to issue #XXX. Please assign it to me." |
| CI 已修复 | "DCO fixed and CI is now passing. Ready for another review!" |
5. 直到合入的完整跟踪
自动检测并通知:
- ✅ Review 通过
- ✅ 所有 CI 通过
- ✅ 冲突解决
- ✅ PR 合入 main
- ❌ Review 拒绝 / 需要重大修改
必要配置
GitHub CLI 设置
确保 gh CLI 已安装并登录:
# Windows
winget install --id GitHub.cli
# 登录(使用用户的 token)
echo "\x3Ctoken>" | gh auth login --with-token
Token 权限
需要以下权限的 GitHub Personal Access Token:
repo- 访问仓库代码workflow- 访问 Actionsread:org- 读取组织信息
工作流
场景 1:新 PR 提交后
用户:帮我提交这个 fix 到 vllm-omni
Agent:
1. Fork 目标仓库(如需要)
2. Clone 到 workspace
3. 创建分支、提交代码
4. Push 到用户 fork
5. 创建 PR
6. 设置跟踪任务
7. 报告 PR 链接和初始状态
场景 2:Review 来了
Agent(cron 检查):
1. 发现新 review
2. 分析 review 内容
3. 判断是否需要代码修改
4. 执行修复或准备回复
5. 提交修复并回复 reviewer
6. 通知用户处理结果
场景 3:直到合入
Agent(持续跟踪):
1. 每 2 小时检查 PR 状态
2. 状态变化时立即通知用户
3. 自动处理力所能及的问题
4. 需要人工决策时请示用户
5. PR 合入后发送庆祝消息
参考资料
- references/workflow.md - 完整工作流指南
- references/templates.md - 常用回复模板
与用户的交互原则
- 主动汇报关键节点 - Review 通过、CI 失败、PR 合入等
- 请示后再执行重大操作 - 如大幅重构代码、关闭 PR 等
- 保持记录 - 所有操作记录在 memory/pr-tracking.md
- 安全优先 - Token 不存储在消息中,使用本地配置文件
Usage Guidance
This skill's runtime instructions legitimately need the GitHub CLI and a Personal Access Token (repo/workflow/read:org) and will perform persistent, powerful operations (fork/clone, amend commits, force-push, call GH API, and create cron jobs and local tracking files). However, the registry metadata does not declare these requirements — that's an inconsistency you should resolve before installing. Before using or granting credentials: 1) Ask the publisher to update the manifest to explicitly list required binaries and the primary credential. 2) Provide a least-privilege token (avoid granting more scopes than necessary) or consider using a temporary token you can revoke. 3) Confirm exactly what cron job will be created, where (crontab user and commands), and how to remove it. 4) Understand that the skill will run force-pushes and amend commits — ensure you trust it and/or use a disposable environment or fork. 5) If you cannot verify the author/source or review the instructions in context, do not provide long-lived credentials or allow persistent cron setup. If you want to proceed, require the skill to prompt for explicit confirmation before any persistent or destructive actions (force-push, creating cron), and document how to audit and revoke its access.
Capability Analysis
Type: OpenClaw Skill
Name: github-pr-manager
Version: 1.0.0
The skill provides automated GitHub PR management, which inherently requires high-risk capabilities such as handling GitHub Personal Access Tokens (PAT) with 'repo' and 'workflow' scopes and performing automated write operations like 'git push --force-with-lease'. While these actions are aligned with the stated purpose in SKILL.md and references/workflow.md, the automated execution of shell commands for credential login (gh auth login) and repository modification poses a significant security risk. No clear evidence of intentional malice or data exfiltration was found, but the broad permissions and automated lifecycle management meet the criteria for a suspicious classification.
Capability Assessment
Purpose & Capability
The SKILL.md clearly requires the GitHub CLI (gh) and a Personal Access Token with repo/workflow/read:org permissions to perform forks, clones, pushes, PR creation, and API calls. However, the registry metadata lists no required binaries or environment variables. That mismatch is incoherent: a PR manager legitimately needs a GitHub token and gh, but the skill's manifest does not declare them.
Instruction Scope
Runtime instructions direct the agent to fork/clone repositories, amend commits (git commit --amend --signoff), force-push (git push --force-with-lease), call the GitHub API, create a local memory/pr-tracking.md, and set cron jobs to run periodic checks. These are all powerful actions and persist state outside of a single request; the SKILL.md also instructs authenticating gh via a token. The instructions do not constrain which repos/paths will be accessed beyond the user's requested PR, nor do they mandate explicit user confirmation for recurring automated actions (cron) beyond vague guidance to 'please ask the user for major operations'.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or written by an installer. That limits some risks, but the runtime instructions themselves cause side effects (cron, git operations).
Credentials
The skill's documentation requires a GitHub Personal Access Token with broad repo/workflow/read:org scopes — appropriate for the described capabilities — but the registry metadata does not declare any required credentials. The absence of declared primaryEnv or required env vars is a red flag: the skill will need a sensitive token at runtime but the manifest omits it. The token scopes requested are broad (repo + workflow) and permit code and CI changes and might be over-privileged if the user wants limited actions.
Persistence & Privilege
Although always:false, the skill instructs creating cron jobs (default every 2 hours) and writing a persistent tracking file (memory/pr-tracking.md). That gives it continued system presence and autonomous activity outside an immediate user request. The skill does not document how to list/remove the cron job or where exactly the tracking file is stored; this persistence combined with credential usage increases risk.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install github-pr-manager - After installation, invoke the skill by name or use
/github-pr-manager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Full PR lifecycle management including CI monitoring, review handling, and automated tracking until merge
Metadata
Frequently Asked Questions
What is GitHub PR Manager?
GitHub PR 全流程管家。用于自动化管理 Pull Request 的整个生命周期:初始化跟踪、检查 CI 状态、处理 Review 意见、修复 DCO/代码问题、回复评论,直到 PR 合入 main。当用户需要持续跟进 PR 状态、处理 reviewer 反馈、自动化 GitHub 操作时触发此 skill。 It is an AI Agent Skill for Claude Code / OpenClaw, with 324 downloads so far.
How do I install GitHub PR Manager?
Run "/install github-pr-manager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is GitHub PR Manager free?
Yes, GitHub PR Manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does GitHub PR Manager support?
GitHub PR Manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created GitHub PR Manager?
It is built and maintained by zhuangzl (@godnight); the current version is v1.0.0.
More Skills