← Back to Skills Marketplace
trenza1ore

GitCode API Usage

by Hugo · GitHub ↗ · v1.0.1 · MIT-0
cross-platform ✓ Security Clean
90
Downloads
1
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install gitcode-api
Description
Provides Python SDK access to GitCode REST API with sync/async clients, repo helpers, and CLI scripts for managing repos, pulls, users, and searches.
README (SKILL.md)

GitCode API SDK

Use the published Python package:

pip install -U gitcode-api

Authentication defaults to the GITCODE_ACCESS_TOKEN environment variable, or pass api_key=... explicitly. If either value is encrypted, pass decrypt=... so the client can decode it before authenticating.

Confirm with user before installation or setup environment variable

Consult user for confirmation before installation:

  • like all python packages, installing gitcode-api may introduce change to global environment.
  • when user ask for additional information, you may guide them to:
  • ask user to provide the GITCODE_ACCESS_TOKEN environment variable, preferably encrypted:
    • environment variable may be read by untrusted software as that is not unscoped.
    • a decrypt argument can be passed into GitCode clients' constructor to decrypt an encrypted api_key value or encrypted GITCODE_ACCESS_TOKEN at runtime.

Client shape

This SDK is structured similarly to OpenAI's Python clients:

  • Start from a top-level client object: GitCode(...) or AsyncGitCode(...).
  • Call grouped resources off the client, such as client.repos, client.pulls, client.users, and client.search.
  • Invoke methods on those resource groups, such as client.repos.get() or await client.pulls.list().
  • Prefer with GitCode(...) as client: or async with AsyncGitCode(...) as client: so the SDK closes the underlying httpx client automatically, including a custom http_client.

Unlike OpenAI's typed request/response shapes, this SDK focuses on GitCode REST resources and returns lightweight response objects with attribute access.

Quick start

Sync:

from gitcode_api import GitCode

with GitCode(
    api_key="your-token",
    owner="SushiNinja",
    repo="GitCode-API",
) as client:
    repo = client.repos.get()
    pulls = client.pulls.list(state="open", per_page=5)
    print(repo.full_name)
    for pull in pulls:
        print(pull.number, pull.title)

Async:

import asyncio
from gitcode_api import AsyncGitCode

async def main() -> None:
    async with AsyncGitCode(
        api_key="your-token",
        owner="SushiNinja",
        repo="GitCode-API",
    ) as client:
        branches = await client.branches.list(per_page=5)
        for branch in branches:
            print(branch.name)

asyncio.run(main())

Encrypted token:

from gitcode_api import GitCode
from trusted_library import decryption_method

with GitCode(
    api_key="encrypted-token",
    owner="SushiNinja",
    repo="GitCode-API",
    decrypt=decryption_method,
) as client:
    repo = client.repos.get()
    pulls = client.pulls.list(state="open", per_page=5)
    print(repo.full_name)
    for pull in pulls:
        print(pull.number, pull.title)

Repository-scoped defaults

If owner= and repo= are set on the client, repository resources can omit them per call. If not, pass owner= and repo= on repository-scoped methods.

Common resource groups

  • client.repos and client.contents
  • client.branches and client.commits
  • client.issues and client.pulls
  • client.labels, client.milestones, and client.members
  • client.releases, client.tags, and client.webhooks
  • client.users, client.orgs, client.search, and client.oauth

Common tasks

  • Repository info and file content: client.repos.get(), client.contents.get(), client.contents.create(), client.contents.update()
  • Branches, commits, and diffs: client.branches.list(), client.commits.list(), client.commits.compare()
  • Issues and pull requests: client.issues.list(), client.issues.create(), client.pulls.list(), client.pulls.create(), client.pulls.merge()
  • Account and discovery: client.users.me(), client.orgs.list_authenticated(), client.search.repositories()
  • OAuth: client.oauth.build_authorize_url(), client.oauth.exchange_token()

For the broader method inventory, use references/api-reference.md

Response objects

Responses are lightweight objects, not plain dicts.

Typical usage:

pull = client.pulls.get(number=42)
print(pull.title)
print(pull.get("source_branch"))
payload = pull.to_dict()

Utility scripts

Bundled helpers:

  • scripts/check_env.py verifies Python, package import, and token setup.
  • scripts/gitcode_api_cli.py provides a small example CLI for common SDK calls, you are advised to write your own version with encrypted access token for security.

Additional resources

FAQ

Q: In company network, access to GitCode failed with SSL errors mentioning "self-signed certificate". A: Typically, a custom CA bundle needs to be set, user may pass in a custom httpx client with verify set to the certificate path, this is similar to REQUESTS_CA_BUNDLE environment variable for requests library.

from gitcode_api import GitCode
from httpx import Client

with GitCode(
    owner="SushiNinja",
    repo="GitCode-API",
    http_client=Client(verify="path/to/my/certificate.crt"),
) as client:
    repo = client.repos.get()
    pulls = client.pulls.list(state="open", per_page=5)
    ...
Usage Guidance
This skill appears to do what it says: small SDK docs and helper scripts that use a GitCode access token. Before installing or providing credentials: (1) verify the PyPI project and GitHub repository links referenced in SKILL.md match the package you expect and review the package source on those sites, (2) install into a virtualenv to avoid changing your global Python environment, (3) give the token only the least privileges necessary and avoid exporting it globally — prefer process-scoped or CI/secret-manager injection, (4) if you want to use an encrypted token, ensure you supply a trusted decrypt function and understand where decryption happens, and (5) ask the publisher to correct the registry metadata (declare python/pip and GITCODE_ACCESS_TOKEN) so requirements are not misleading. If you want extra assurance, inspect the published gitcode-api package source on PyPI/GitHub for any unexpected code before running pip install.
Capability Analysis
Type: OpenClaw Skill Name: gitcode-api Version: 1.0.1 The skill bundle provides a standard interface for the `gitcode-api` Python SDK, including environment validation (`scripts/check_env.py`), a CLI helper (`scripts/gitcode_api_cli.py`), and detailed documentation. The instructions in `SKILL.md` are security-conscious, explicitly advising the agent to seek user confirmation before installation and suggesting the use of encrypted tokens to prevent exposure of sensitive environment variables. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found.
Capability Tags
requires-oauth-tokenrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
Name/description, code files, and documentation consistently implement a GitCode Python SDK helper and CLI. However the skill manifest/registry metadata lists no required env vars or binaries while SKILL.md contains an internal metadata block that declares python/pip as required binaries and GITCODE_ACCESS_TOKEN as primaryEnv — this mismatch is likely an authoring/packaging omission but is inconsistent.
Instruction Scope
SKILL.md instructs installing the published package from PyPI, using an access token (GITCODE_ACCESS_TOKEN) or passing api_key explicitly, and optionally supplying a decrypt function. Runtime instructions and included scripts only import the SDK, read the token env var, and call API endpoints. There are no instructions to read unrelated files, gather extra system context, or POST data to unexpected endpoints.
Install Mechanism
There is no automated install spec in the registry (instruction-only install). SKILL.md recommends 'pip install -U gitcode-api' (PyPI) and links to GitHub and docs — a standard, low-risk approach. No downloads from untrusted arbitrary URLs or extract operations are present in the package files.
Credentials
The skill legitimately needs an access token (GITCODE_ACCESS_TOKEN) to call the GitCode API and the scripts check that variable. That credential request is proportional. The concern is the mismatch between the registry's declared 'required env vars: none' and the SKILL.md's 'primaryEnv: GITCODE_ACCESS_TOKEN' — users may be surprised unless the registry metadata is corrected.
Persistence & Privilege
The skill does not request always:true or any elevated persistent presence. It does not modify other skills or system-wide settings. The agent can invoke it autonomously (default), which is normal for skills and not a unique concern here.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gitcode-api
  3. After installation, invoke the skill by name or use /gitcode-api
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Version 1.0.1 - Provided security guidance for setting environment variables & install packages, agent should confirm with user first and provide information on the package to install. - Added guidance to consult the user before installing the package or setting the environment variable. - Emphasized supporting encrypted tokens via a new `decrypt` argument on the client constructor. - Updated documentation to include secure practices for environment variables and token handling. - Provided links to official PyPI, documentation, and source repository for further user reference. - Added FAQ section detailing how to handle SSL certificate issues on company networks. - Clarified the use and customization of bundled CLI helpers and custom HTTP client support.
v1.0.0
Initial release of the gitcode-api skill. - Integrates the gitcode-api Python SDK for GitCode REST automation. - Supports both sync and async client usage, with OpenAI-style resource grouping. - Provides quick-start examples for repository, pull request, and user operations. - Includes bundled utility scripts: environment checker and CLI helper. - Documents authentication methods and common usage patterns.
Metadata
Slug gitcode-api
Version 1.0.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is GitCode API Usage?

Provides Python SDK access to GitCode REST API with sync/async clients, repo helpers, and CLI scripts for managing repos, pulls, users, and searches. It is an AI Agent Skill for Claude Code / OpenClaw, with 90 downloads so far.

How do I install GitCode API Usage?

Run "/install gitcode-api" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is GitCode API Usage free?

Yes, GitCode API Usage is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does GitCode API Usage support?

GitCode API Usage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created GitCode API Usage?

It is built and maintained by Hugo (@trenza1ore); the current version is v1.0.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments