Repo Guardian
by Corbin Breton · GitHub ↗ · v1.4.1 · MIT-0
212 Downloads · 0 Stars · 1 Active Installs · 9 Versions
Install in OpenClaw
/install repo-guardian
Description
Automated GitHub PR review governance and repository maintenance automation. Use when reviewing pull requests with dual-model consensus, enforcing merge gate...
Usage Guidance
This skill appears to do what it says, but before installing:
1) Use a fine-grained GH token scoped only to the repository, and grant write permissions only if you enable auto-merge; leave write/remove scopes off if you only want review.
2) Be aware that PR diffs and filenames are sent to whichever model providers your OpenClaw agents use. Confirm those providers and their retention and data-handling policies.
3) Test in dry-run mode and/or set GUARDIAN_AUTO_MERGE=false initially; use the 'skip-guardian' label on sensitive PRs.
4) Ensure the configured agent names (GUARDIAN_AGENT / GUARDIAN_REVIEWER_B_AGENT) map to trusted agent configurations so reviews go to the intended models.
If you want further assurance, request the full (non-truncated) guardian.sh to review any truncated portions or to audit its complete merge/comment payload construction.
Capability Analysis
Type: OpenClaw Skill
Name: repo-guardian
Version: 1.4.1
The repo-guardian skill is a legitimate automation tool for GitHub PR reviews and repository maintenance. The bash script (scripts/guardian.sh) implements a dual-model consensus logic by dispatching PR diffs to AI agents via the OpenClaw CLI and performing actions based on their JSON verdicts. It demonstrates good security practices, such as using Python for safe JSON serialization of API payloads to prevent injection and explicitly warning users about GH_TOKEN scope management.
Capability Assessment
Purpose & Capability
The skill's name/description (automatic PR review, dual-model consensus, auto-merge, triage) aligns with what it requires: GH_TOKEN for GitHub API access, agent names to dispatch reviews, auto-merge/auto-fix and max limits. Required binaries (openclaw, python3, curl) are used by the included shell script and are appropriate.
Instruction Scope
SKILL.md and scripts explicitly fetch PR metadata, diffs and file lists and send them in prompts to configured OpenClaw agents for review (diffs truncated to 500 lines). That behavior is expected for this skill but is a privacy/data-exposure vector: repository code from open PRs will be transmitted to whatever model providers your agents are configured to use. The script avoids leaking GH_TOKEN into prompts and truncates large diffs; it also honors a 'skip-guardian' label. These protections are reasonable but you should confirm your model endpoints and retention policies.
Install Mechanism
No install spec (instruction-only plus included script). Nothing is downloaded or written by an installer; the runtime uses existing binaries, so install risk is low.
Credentials
Required environment variables are configuration flags and the GH_TOKEN credential needed to call the GitHub API. No unrelated credentials are requested. The documentation recommends limited scopes and differentiates read-only vs write for auto-merge—appropriate and proportionate.
Persistence & Privilege
The skill is user-invocable, not always-on. It can autonomously invoke models (platform default) and perform merges/comments when given a token and enabled flags; this matches the declared functionality. It does not request persistent elevated platform privileges or modify other skills' configs.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install repo-guardian
- After installation, invoke the skill by name or use /repo-guardian
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.1
- Added required environment variables to metadata: GUARDIAN_AGENT, GUARDIAN_REVIEWER_B_AGENT, GUARDIAN_REPO, GUARDIAN_AUTO_MERGE, GUARDIAN_AUTO_FIX, GUARDIAN_MAX_PRS, GUARDIAN_MAX_ISSUES.
- Included 'openclaw' as a required bin in metadata.
- Updated documentation to reflect these additional required environment variables.
- No behavioral or logic changes to review or triage flow.
v1.4.0
Version 1.4.0 of repo-guardian
- Added OpenClaw-compatible metadata, including required environment variables (`GH_TOKEN`) and dependencies (`gh`, `python3`, `curl`).
- Introduced a `homepage` field for quick reference and skill discovery.
- Improved documentation by clarifying that the skill works on any GitHub repository.
- Updated skill boundaries and requirements for better clarity and OpenClaw integration.
- Version bump from 1.3.1 to 1.4.0.
v1.3.1
repo-guardian 1.3.1
- Added support for configuring Reviewer A and Reviewer B agents via new environment variables (`GUARDIAN_AGENT` and `GUARDIAN_REVIEWER_B_AGENT`).
- Updated documentation to clarify agent configuration and default selection for cross-model review.
- Cron job documentation now uses a generic `<your-agent-name>` placeholder for improved clarity.
v1.3.0
Repo Guardian 1.3.0
- Clarified environment variable requirements: `GH_TOKEN` must be set explicitly; the script no longer falls back to `gh auth token`.
- Updated documentation in SKILL.md to emphasize required environment variables and binaries.
- Minor adjustments to requirements and usage sections for improved clarity and safety.
- No functional changes to review workflow or core automation; changes are documentation and configuration-focused.
v1.2.1
- Added openclaw as a required binary in skill requirements.
- Bumped version to 1.2.1 in the skill manifest.
- No functional or logic changes to the skill's behavior.
v1.2.0
**Version 1.2.0 — Data Privacy & Requirements Improvements**
- Added an explicit privacy/disclosure section detailing how repository code is transmitted to model providers, with clarification on diff truncation and token use.
- Declared required environment variables and binaries in SKILL.md under a new `requires` field.
- Updated token scope recommendations for improved least-privilege security.
- Minor clarifications on data flow, privacy, and restrictions in documentation.
- No core logic or functionality changes to the review or triage flow.
v1.1.0
Added structured trace logging (P4) for review run audit trails — tracks PR outcomes, model agreement rate, and anomalies
v1.0.1
Extend safety section: credential handling, auto-merge opt-in, audit trail, repo scope constraints
v1.0.0
Initial publish
Frequently Asked Questions
What is Repo Guardian?
Automated GitHub PR review governance and repository maintenance automation. Use when reviewing pull requests with dual-model consensus, enforcing merge gate... It is an AI Agent Skill for Claude Code / OpenClaw, with 212 downloads so far.
How do I install Repo Guardian?
Run "/install repo-guardian" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Repo Guardian free?
Yes, Repo Guardian is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Repo Guardian support?
Repo Guardian is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Repo Guardian?
It is built and maintained by Corbin Breton (@corbin-breton); the current version is v1.4.1.