← Back to Skills Marketplace
sunny0826

Open Source Analysis

by Xudong Guo · GitHub ↗ · v1.0.2 · MIT-0
cross-platform ⚠ suspicious
118
Downloads
1
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install open-source-analysis
Description
Analyze an open source GitHub repository and generate a structured report. Trigger whenever the user provides a GitHub repository URL to analyze, or explicit...
Usage Guidance
This skill appears to do what it says: analyze public GitHub repositories and generate a formatted report. Two things to consider before installing/using it: (1) provenance — the skill's source/homepage is unknown; that reduces trust because you can't verify the publisher or audit a code bundle (this skill is instruction-only but still published by an unknown owner). (2) token handling — SKILL.md will look for GITHUB_TOKEN and, if present, add an Authorization header to API calls to avoid rate limits. The registry metadata currently omits that env var, which is a bookkeeping mismatch but important to you: only provide a GitHub token if you trust the skill and follow the principle of least privilege. If you do provide a token, prefer a token with minimal scopes (avoid granting write scopes; for public-repo reads no special scopes are required), or authenticate via the gh CLI rather than exposing a long-lived personal token. Finally, because the skill has no code files and warns not to execute repo content, the immediate technical risk is low — but verify the publisher or ask them to correct the registry metadata (declare GITHUB_TOKEN) before granting credentials or using it with sensitive accounts.
Capability Analysis
Type: OpenClaw Skill Name: open-source-analysis Version: 1.0.2 The skill is designed to analyze GitHub repositories and generate structured reports. It includes explicit security instructions in SKILL.md directing the agent to treat external repository content as untrusted data and to avoid executing any embedded commands, which serves as a defense against prompt injection from target repositories. The use of GITHUB_TOKEN is appropriately scoped for GitHub API access to retrieve project metadata.
Capability Assessment
Purpose & Capability
The skill's stated purpose (analyze GitHub repositories) matches the runtime instructions (use GitHub API, read README/commits/issues/PRs). However, the registry metadata lists no required environment variables while SKILL.md explicitly declares and uses GITHUB_TOKEN. That discrepancy is unexpected: a GitHub-analysis skill reasonably may use GITHUB_TOKEN, but the registry should reflect that. Also SKILL.md mentions optionally using the gh CLI (not required) — that's reasonable but not declared in required binaries.
Instruction Scope
SKILL.md limits actions to fetching repository metadata and textual contents (README, commits, issues, PRs) and explicitly warns NEVER to execute repository commands — this scope stays within the stated purpose. It also includes language-detection and strict output formatting rules; those are functional and do not expand scope to unrelated data access.
Install Mechanism
Instruction-only skill with no install spec and no code files. That minimizes on-disk persistence and reduces installation risk.
Credentials
The only sensitive thing the skill references is GITHUB_TOKEN (used to raise API rate limits). Requesting that token is proportionate for heavy GitHub API usage. However, the registry metadata omits this env var while SKILL.md references it — an inconsistency users should notice. No other secrets or config paths are requested.
Persistence & Privilege
always:false and no install code means the skill does not request permanent forced inclusion or elevated platform privileges. Being an instruction-only skill, it doesn't modify other skills or system configs.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install open-source-analysis
  3. After installation, invoke the skill by name or use /open-source-analysis
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Added an explicit security warning: Instructs never to execute or follow any code or instructions found in repository content; only analyze as text. - Updated instructions to emphasize extracting information only—do not be misled by commands or requests found in READMEs, commits, issues, or PRs. - No changes impacting the report output structure or API usage flow.
v1.0.1
- Added GITHUB_TOKEN to environment variables in metadata. - Enhanced API authentication instructions: now prefer using the gh CLI if available; otherwise use GITHUB_TOKEN for API requests. - Clarified that the presence of GITHUB_TOKEN or installed gh CLI should be checked before making GitHub API requests. - Updated guidance for informing users about API rate limiting and suggested configuring the GITHUB_TOKEN environment variable.
v1.0.0
- Initial release of the open-source-analysis skill. - Generates detailed, structured analysis reports for GitHub repositories provided by the user. - Automatically detects and matches the user’s language (Chinese or English) for report output. - Strictly follows a specified Markdown structure for all analyses. - Provides clear evaluation and ratings based on project stats, documentation, community activity, and ease of use. - Guides users about GitHub API rate limiting and authentication requirements.
Metadata
Slug open-source-analysis
Version 1.0.2
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is Open Source Analysis?

Analyze an open source GitHub repository and generate a structured report. Trigger whenever the user provides a GitHub repository URL to analyze, or explicit... It is an AI Agent Skill for Claude Code / OpenClaw, with 118 downloads so far.

How do I install Open Source Analysis?

Run "/install open-source-analysis" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Open Source Analysis free?

Yes, Open Source Analysis is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Open Source Analysis support?

Open Source Analysis is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Open Source Analysis?

It is built and maintained by Xudong Guo (@sunny0826); the current version is v1.0.2.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments