← Back to Skills Marketplace

Skill Publish Tool

Name: Skill Publish Tool
Author: shinelp100

by shinelp100 · GitHub ↗ · v1.0.4 · MIT-0

cross-platform ⚠ suspicious

120

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install skill-publish-tool

Description

自动更新 GitHub 仓库并发布 Skill 到 ClawHub。当用户需要发布 skill 更新时使用此技能。支持自动版本号递增、更新日志管理、Git 提交推送、ClawHub 发布。

Usage Guidance

This tool appears to implement the advertised publish workflow, but review and caution are advised before use: - Review the script before running. It uses shell=True and composes shell commands with user-supplied inputs (slug, changelog, commit message). Malicious or accidental special characters can change commands or inject arbitrary shell commands. If you don't trust inputs, do not run it. - Test in a throwaway repository first. Run with --skip-git and --skip-clawhub to verify file updates, then run with --skip-clawhub to validate Git behavior before publishing. - Sanitize inputs you pass (avoid quotes, backticks, semicolons, &&, |, etc.) or modify the script to use subprocess.run([...], shell=False) and properly escape/quote arguments. - Be cautious with the USAGE suggestions about force-push; force-pushing can irreversibly overwrite remote history. - Consider installing/pinning clawhub instead of using npx @latest (npx downloads code at runtime). If you must use npx, prefer pinning a known-safe version rather than @latest. - Ensure Git credentials and npm/ClawHub authentication are configured in a secure way (SSH keys or credential helpers), and avoid running the publish as root or in environments with broad access. If you want a higher-confidence assessment, provide any CI usage examples, the expected format of ClawHub authentication (token vs interactive login), or allow me to suggest a minimal patch to remove shell=True and safely pass arguments to external commands.

Capability Analysis

Type: OpenClaw Skill Name: skill-publish-tool Version: 1.0.4 The skill provides legitimate automation for publishing OpenClaw skills to GitHub and ClawHub, but it contains a critical shell injection vulnerability. The script `scripts/publish_skill.py` uses `subprocess.run(shell=True)` with unsanitized f-strings to execute commands, specifically incorporating the `--changelog` and `--slug` arguments directly into shell strings. While there is no evidence of intentional malice or data exfiltration, this implementation flaw allows for arbitrary command execution if malicious input is provided to the tool's parameters.

Capability Assessment

ℹ Purpose & Capability

Name/description match the code: the script updates package.json/_meta.json and README, commits/pushes via Git, and runs npx clawhub publish. However the registry metadata omitted required runtime dependencies (SKILL.md and the script require Git and Node/npm/npx), so the declared requirements are incomplete.

⚠ Instruction Scope

The runtime instructions and included script perform the advertised actions, but the script builds shell command strings from user inputs (slug, changelog, commit message, paths) and executes them via subprocess.run(..., shell=True). This introduces command injection and quoting issues (e.g., unescaped double quotes or shell metacharacters in --changelog or --slug). The USAGE/FAQ also suggests potentially dangerous operations like force-push, which can overwrite remote history if followed blindly.

ℹ Install Mechanism

There is no install spec in the registry, but the script invokes 'npx clawhub@latest', which will dynamically download/run code from the npm registry. Dynamic npx usage is convenient but means code is fetched at runtime from an external package registry (not bundled), which is a moderate-risk behavior and should be noted to users.

ℹ Credentials

The skill declares no required environment variables or credentials, which aligns with most of its behavior. It does, however, rely on local Git credentials (credential helper or SSH keys) and possibly npm auth if ClawHub publishing requires authentication; these implicit requirements are not declared in metadata and should be documented.

✓ Persistence & Privilege

The skill does not request permanent always:true inclusion, does not modify other skills, and only acts when invoked. It writes to files within the provided skill directory and may init a Git repo there — this is expected for a publisher.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install skill-publish-tool
After installation, invoke the skill by name or use /skill-publish-tool
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.4

使用可靠的文件编辑方法，彻底解决 edit 失败问题

v1.0.3

支持集合仓库（monorepo）发布模式，新增--collection-root 参数

v1.0.2

更新常见问题，添加 Git 远程仓库配置说明

v1.0.1

添加 USAGE.md 使用指南

v1.0.0

初始版本：支持自动版本号递增、Git 提交推送、ClawHub 发布、更新日志管理

Metadata

Slug skill-publish-tool

Version 1.0.4

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 5

Frequently Asked Questions

What is Skill Publish Tool?

自动更新 GitHub 仓库并发布 Skill 到 ClawHub。当用户需要发布 skill 更新时使用此技能。支持自动版本号递增、更新日志管理、Git 提交推送、ClawHub 发布。 It is an AI Agent Skill for Claude Code / OpenClaw, with 120 downloads so far.

How do I install Skill Publish Tool?

Run "/install skill-publish-tool" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Skill Publish Tool free?

Yes, Skill Publish Tool is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Skill Publish Tool support?

Skill Publish Tool is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Skill Publish Tool?

It is built and maintained by shinelp100 (@shinelp100); the current version is v1.0.4.

More Skills