← Back to Skills Marketplace
GitCode API
by
do_while_true
· GitHub ↗
· v1.3.0
· MIT-0
453
Downloads
1
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install gitcode
Description
Fetch and query data from GitCode platform via its REST API: repositories, branches, issues, pull requests, commits, tags, users, organizations, search, webh...
README (SKILL.md)
GitCode API
何时使用
查仓库/分支/议题/PR/提交/标签、用户与组织、搜索、Webhook、成员、发布等 GitCode 数据。全量 API 一览(每个接口的功能说明与可获取信息)见 reference.md,为本 skill 唯一 API 说明文档。
请求与认证
- Base URL:
https://api.gitcode.com/api/v5 - 认证:以下接口须带 Token(否则可能 400/401):pulls、issues、branches、commits、仓库详情与文件列表、tags、releases、members、webhooks 等。
- Token 获取方式(按优先级):
- 用户直接提供:用户可在问题中直接提供 token,如"获取 gitcode 上 owner/repo 仓库的 star 数量,token 是 xxxxx"
- 环境变量:从
GITCODE_TOKEN读取,顺序:(1) 当前进程$env:GITCODE_TOKEN(PowerShell)或$GITCODE_TOKEN(bash);(2) Windows 用户变量[Environment]::GetEnvironmentVariable('GITCODE_TOKEN','User');(3) Windows 系统变量[Environment]::GetEnvironmentVariable('GITCODE_TOKEN','Machine')
- 请求头:使用
PRIVATE-TOKEN: {token}或Authorization: Bearer {token},或查询参数access_token={token} - 未配置时:提示用户到 GitCode 个人访问令牌 创建 Token(勾选 read_api、read_repository 等),并设置环境变量
GITCODE_TOKEN。
状态码与限流
| Code | 含义 |
|---|---|
| 200/201/204 | 成功 |
| 400 | 缺少参数或未带认证(部分接口) |
| 401 | Token 无效或缺失 |
| 403/404/409/422 | 禁止/未找到/冲突/校验失败 |
| 429 | 限流(默认 50/分钟、4000/小时) |
接口与示例
- 全量接口:所有 v5 接口的 Method / Path / 功能说明 / 可获取信息 / 官方文档链接见 reference.md(含 Repositories、Branch、Issues、Search、PR、Commit、Tag、Labels、Milestone、Users、Orgs、Webhooks、Member、Release 等)。
- 调用示例:见 examples.md。
- 官方文档:\x3Chttps://docs.gitcode.com/docs/apis/>(每接口单独页含参数与响应)。
Usage Guidance
This skill appears to be a GitCode API client and documentation bundle, but there are a few red flags to consider before installing or using it with a real token:
- Source provenance: there is no homepage or repository listed. Prefer skills with a verifiable source.
- Token scopes: the docs and examples include read and write/destructive endpoints (creating/deleting repos, adding members). Do NOT supply a token with wide write/delete permissions unless you fully trust the skill; prefer a read-only token for queries.
- Do not paste tokens into chat prompts unless you understand the risks; prefer setting GITCODE_TOKEN as an environment variable with minimal scope.
- Dependency mismatch: the header claims "standard library only" but examples use the third-party 'requests' library. Ensure the runtime environment provides requests or adjust examples to use only stdlib (urllib).
- If you plan to allow autonomous agent invocation, consider limiting the token's scope and lifespan (short-lived or scoped to specific repos) to reduce blast radius.
If the publisher/source can be verified and you confirm the token scopes you provide are intentionally limited, the skill's behavior is coherent. Otherwise treat it cautiously.
Capability Analysis
Type: OpenClaw Skill
Name: gitcode
Version: 1.3.0
The gitcode skill bundle is a well-documented integration for the GitCode platform's REST API. It provides comprehensive references for repository, issue, and pull request management in reference.md and includes standard Python examples using the requests library in examples.md. The instructions in SKILL.md regarding environment variable retrieval (GITCODE_TOKEN) are consistent with the skill's stated purpose, and no evidence of malicious behavior, data exfiltration, or harmful prompt injection was found.
Capability Assessment
Purpose & Capability
The skill's name/description match its artifacts: SKILL.md, reference and examples are all GitCode API documentation. However the package lacks a source/homepage (origin unknown). The reference includes destructive endpoints (create/update/delete repos, add members) but the token guidance only recommends read scopes, which is inconsistent with the full capability surface.
Instruction Scope
SKILL.md stays within API usage: it documents base URL, headers, token locations, and expected status codes. It does not instruct reading arbitrary system files. One oddity: it documents multiple places to read an env var (including PowerShell/.NET user/system variables) — that expands where an agent may look for the token but is still within the token retrieval context.
Install Mechanism
No install spec (instruction-only) which is low-risk. But SKILL.md claims 'Python 3.7+ standard library only' while examples use the third-party 'requests' library — that's an inconsistency (the skill expects a dependency but doesn't declare/install it).
Credentials
The only declared credential is GITCODE_TOKEN which is appropriate for a GitCode client. However: (1) examples and reference include write/destructive APIs (create PR, create/delete files, delete repo, add members) that require broader scopes than the token creation guidance implies; (2) the skill encourages pasting tokens directly in prompts (user-provided token), which is risky; (3) the SKILL.md suggests reading user/system env entries on Windows, enlarging the places the agent may access secrets. Overall, requested environment access is plausible but the required token permissions are ambiguous and possibly excessive for read-only use.
Persistence & Privilege
No elevated persistence requested (always:false). The skill is instruction-only and does not request to modify other skills or system settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gitcode - After installation, invoke the skill by name or use
/gitcode - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.3.0
- 修改部分API使用
- 补充部分API
- 增加主要参数说明
v1.2.0
- Removed the Python token setup script and its documentation
- Updated documentation to reflect the script removal and revised token setup instructions
v1.1.0
- Added support for users to directly provide their GitCode token in a query, in addition to reading from the environment variable.
- 优化 PR 评论 API 描述,区分普通评论与代码行评论
v1.0.0
Initial release of gitcode.
- Fetch and query data from the GitCode platform via its REST API, supporting repositories, branches, issues, pull requests, commits, tags, users, organizations, search, webhooks, members, and releases.
- Requires Python 3.7+ standard library only; no external dependencies.
- Authentication managed through the GITCODE_TOKEN environment variable, with a setup script provided.
- Includes thorough API, usage instructions, error codes, and examples for all endpoints in reference and examples documentation.
- Documentation available in both English and Chinese.
Metadata
Frequently Asked Questions
What is GitCode API?
Fetch and query data from GitCode platform via its REST API: repositories, branches, issues, pull requests, commits, tags, users, organizations, search, webh... It is an AI Agent Skill for Claude Code / OpenClaw, with 453 downloads so far.
How do I install GitCode API?
Run "/install gitcode" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is GitCode API free?
Yes, GitCode API is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does GitCode API support?
GitCode API is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created GitCode API?
It is built and maintained by do_while_true (@autoxj); the current version is v1.3.0.
More Skills