← Back to Skills Marketplace
Github Actions Gen
by
BytesAgain2
· GitHub ↗
· v3.0.0
· MIT-0
388
Downloads
0
Stars
1
Active Installs
10
Versions
Install in OpenClaw
/install github-actions-gen
Description
Generate GitHub Actions workflow YAML files for CI/CD. Use when setting up automated pipelines.
README (SKILL.md)
github-actions-gen
Generate GitHub Actions workflow YAML files for CI/CD. Use when setting up automated pipelines.
Commands
create
scripts/script.sh create \x3Ctype>
template
scripts/script.sh template \x3Clanguage>
lint
scripts/script.sh lint \x3Cfile>
list
scripts/script.sh list
optimize
scripts/script.sh optimize \x3Cfile>
secrets
scripts/script.sh secrets \x3Cfile>
Data Storage
Data stored in ~/.local/share/github-actions-gen/.
Powered by BytesAgain | bytesagain.com | [email protected]
Usage Guidance
This skill appears to do what it says: run the bundled shell script to produce or inspect GitHub Actions YAML. Before installing or executing, review scripts/script.sh yourself (it is included) to ensure you accept running a local shell script. Note the script will create ~/.local/share/github-actions-gen (benign). The script's templates and help text are simplistic and some listed types/languages are not implemented — expect limited functionality. Only run the skill if you trust the BytesAgain source; avoid running it on repositories with sensitive data unless you inspect its behavior first.
Capability Analysis
Type: OpenClaw Skill
Name: github-actions-gen
Version: 3.0.0
The script 'scripts/script.sh' contains multiple shell injection vulnerabilities due to unquoted variables and improper argument handling in functions like 'cmd_lint', 'cmd_optimize', and 'cmd_secrets'. Specifically, the script uses '$2' without quotes in file-system operations and grep commands, which could allow arbitrary command execution if a crafted filename is provided. While these appear to be unintentional logic errors (off-by-one argument indexing after a shift), the high-risk nature of the resulting vulnerabilities meets the criteria for a suspicious classification.
Capability Assessment
Purpose & Capability
Name/description match the included script and commands. The SKILL.md maps directly to scripts/script.sh which implements create, template, lint, list, optimize, and secrets actions aimed at GitHub Actions YAML generation and checks. The requested capabilities (none) are appropriate for the stated purpose.
Instruction Scope
Instructions ask the agent to run the local shell script with user-supplied arguments; the script only reads files given as arguments and uses $HOME to create a data directory. There is no network exfiltration or access to unrelated system credentials. Minor scope mismatch: SKILL.md/list output mentions a few types/languages (e.g., test, lint, go, release, docker) that the create/template handlers do not actually implement — this is a correctness/usability issue, not a security issue.
Install Mechanism
No install spec and no downloads; the skill is effectively instruction + one bundled script. This is low risk because nothing is fetched from the network or installed automatically.
Credentials
The skill declares no environment variables or credentials. The bundled script similarly does not read secrets or external credentials. It creates a data directory under ~/.local/share/github-actions-gen but does not write any sensitive tokens. Proportional.
Persistence & Privilege
always is false and the skill does not request privileged or persistent system changes. It creates its own data directory in the user's home, which is normal for user-level tools.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install github-actions-gen - After installation, invoke the skill by name or use
/github-actions-gen - Provide required inputs per the skill's parameter spec and get structured output
Version History
v3.0.0
v3.0.0: Complete rewrite with real functionality.
v2.0.1
update
v2.0.0
v2.5 standard: Use-when desc, homepage, source, security fix
v2.3.4
old template -> domain-specific v2.0.0
v2.3.3
old template -> domain-specific v2.0.0
v2.3.2
Quality upgrade
v2.3.1
De-template, unique content, script cleanup
v2.3.0
Quality fixes: removed third-party references, aligned docs with implementation
v2.2.0
Enhanced descriptions for better AI triggering
v1.0.0
Initial release of github-actions-gen
- Generate production-ready GitHub Actions CI/CD workflow files for Node.js, Python, Docker, Terraform, Go, and Rust.
- Supports matrix builds, dependency caching, artifact management, deployment pipelines, environment secrets, and reusable workflows.
- Provides commands for generating CI, CD, Docker, Terraform, matrix, release, cron, and reusable workflows.
- Includes usage examples and best practices for testing, building, linting, and deploying applications.
Metadata
Frequently Asked Questions
What is Github Actions Gen?
Generate GitHub Actions workflow YAML files for CI/CD. Use when setting up automated pipelines. It is an AI Agent Skill for Claude Code / OpenClaw, with 388 downloads so far.
How do I install Github Actions Gen?
Run "/install github-actions-gen" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Github Actions Gen free?
Yes, Github Actions Gen is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Github Actions Gen support?
Github Actions Gen is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Github Actions Gen?
It is built and maintained by BytesAgain2 (@ckchzh); the current version is v3.0.0.
More Skills