← Back to Skills Marketplace
ashwinhegde19

GitHub Issue Resolver

by Ashwinhegde19 · GitHub ↗ · v1.0.0
cross-platform ✓ Security Clean
1611
Downloads
1
Stars
25
Active Installs
1
Versions
Install in OpenClaw
/install github-issue-resolver
Description
Autonomous GitHub Issue Resolver Agent with guardrails. Use when the user wants to discover, analyze, and fix open issues in GitHub repositories. Triggers on...
README (SKILL.md)

GitHub Issue Resolver

Autonomous agent for discovering, analyzing, and fixing open GitHub issues — with a 5-layer guardrail system.

⚠️ GUARDRAILS — Read First

Every action goes through guardrails. Before any operation:

  1. Load guardrails.json config
  2. Validate scope (repo, branch, path)
  3. Check action gate (auto/notify/approve)
  4. Validate command against allowlist
  5. Log to audit trail

For guardrail details, see references/guardrails-guide.md.

Key Rules (Non-Negotiable)

  • Never touch protected branches (main, master, production)
  • Never modify .env, secrets, CI configs, credentials
  • Never force push
  • Never modify dependency files without explicit approval
  • Never modify own skill/plugin files
  • One issue at a time — finish or abandon before starting new
  • All dangerous actions require user approval (write code, commit, push, PR)
  • Everything is logged to audit/ directory

Workflow

Phase 1 — Issue Discovery

Trigger: User provides a GitHub repository (owner/repo).

Steps:

  1. Validate repo against guardrails:

    python3 scripts/guardrails.py repo \x3Cowner> \x3Crepo>

    If blocked, tell the user and stop.

  2. Fetch, score, and present issues using the recommendation engine:

    python3 scripts/recommend.py \x3Cowner> \x3Crepo>

    This automatically fetches open issues, filters out PRs, scores them by severity/impact/effort/freshness, and presents a formatted recommendation.

    Always use recommend.py — never manually format issue output. The script ensures consistent presentation every time.

    For raw JSON (e.g., for further processing):

    python3 scripts/recommend.py \x3Cowner> \x3Crepo> --json

⏹️ STOP. Wait for user to select an issue.

Phase 2 — Fixing

Trigger: User selects an issue.

Steps:

  1. Lock the issue (one-at-a-time enforcement):

    python3 scripts/guardrails.py issue_lock \x3Cowner> \x3Crepo> \x3Cissue_number>

  2. Read full issue thread including comments.

  3. Clone the repo (Gate: notify):

    python3 scripts/sandbox.py run git clone https://github.com/\x3Cowner>/\x3Crepo>.git /tmp/openclaw-work/\x3Crepo>

  4. Create a safe branch (Gate: auto):

    python3 scripts/sandbox.py run git checkout -b fix-issue-\x3Cnumber>

  5. Explore codebase — read relevant files. For each file:

    python3 scripts/guardrails.py path \x3Cfile_path>

  6. Plan the fix — explain approach to user:

    ## Proposed Fix
- Problem: [root cause]
- Solution: [what changes]
- Files: [list of files and what changes in each]
- Estimated diff size: [lines]

⏹️ STOP. Wait for user to approve the plan before implementing.

  1. Implement the fix (Gate: approve):
    • Apply changes
    • Check diff size: python3 scripts/guardrails.py diff \x3Cline_count>
    • Log: python3 scripts/audit.py log_action write_code success

Phase 3 — Testing

After implementing:

  1. Find and run tests (Gate: notify):

    python3 scripts/sandbox.py run npm test   # or pytest, cargo test, etc.

  2. If tests fail AND autoRollbackOnTestFail is true:

    • Revert all changes
    • Notify user
    • Suggest alternative approach

  3. If no tests exist, write basic tests covering the fix.

  4. Report results to user.

Phase 4 — Draft PR for Review (Approval REQUIRED)

⚠️ NEVER create PR automatically. Always ask first.

Do NOT dump full diffs in chat. For any non-trivial project, push the branch and let the user review on GitHub where they get syntax highlighting, file-by-file navigation, and inline comments.

  1. Commit changes (Gate: approve):

    python3 scripts/sandbox.py run git add .
python3 scripts/sandbox.py run git commit -m "Fix #\x3Cnumber>: \x3Ctitle>"

  2. Show a change summary (NOT the raw diff) — keep it concise:

    ## Changes
- **src/models.py** — Added field validation (title length, enum checks)
- **app.py** — Added validation to POST endpoint, 400 error responses
- **tests/test_app.py** — 22 new tests covering validation rules
- 4 files changed, ~100 lines of source + ~150 lines of tests
- All tests passing ✅

  3. Ask explicitly: "Ready to push and create a draft PR?"

  4. Only after user says "yes" (Gate: approve):

    python3 scripts/sandbox.py run git push -u origin fix-issue-\x3Cnumber>
python3 scripts/sandbox.py run gh pr create --draft --title "..." --body "..."

    Note: PRs are always created as draft by default. The PR body should include a detailed description of all changes, test results, and link to the issue (Closes #N).

  5. Share the PR link — user reviews on GitHub.

  6. Unlock the issue:

    python3 scripts/guardrails.py issue_unlock

Scripts Reference

Script Purpose Run Without Reading
scripts/recommend.py Primary entry point — fetch, score, and present issues
scripts/fetch_issues.py Raw issue fetcher (used internally by recommend.py)
scripts/analyze_issue.py Deep analysis of single issue
scripts/create_pr.py PR creation wrapper
scripts/guardrails.py Guardrail enforcement engine
scripts/sandbox.py Safe command execution wrapper
scripts/audit.py Action logger

References

Usage Guidance
This skill appears internally consistent with its purpose, but take these precautions before installing or running it: - Review and test on a non-production repository first. The agent will clone repos, run shell commands, and can push/ create PRs if you approve. - Ensure you understand and control local git/gh authentication: create_pr.py uses the GitHub CLI and will push using your configured credentials if you approve a push. If you don't want pushes, do not approve git_push/create_pr gates. - Logs and state are written to the skill directory (audit/ and .guardrails-state.json). These may include diffs and contextual data — check retention and remove any sensitive artifacts. - The scripts execute shell commands via subprocess with shell=True; the guardrails attempt to sanitize and block dangerous commands, but avoid passing untrusted inputs to the skill and examine the guardrails config if you plan to run on sensitive projects. - If you require stricter control, populate guardrails.json allowlists (repos) and review command allow/block lists before use. If you want, I can: 1) point out any exact lines in the scripts that would run commands that need your auth, 2) search for any network endpoints beyond api.github.com, or 3) summarize the guardrail rules that would block modification of sensitive files.
Capability Analysis
Type: OpenClaw Skill Name: github-issue-resolver Version: 1.0.0 The skill bundle is designed with a strong emphasis on security and guardrails, explicitly blocking many common attack vectors. The `SKILL.md` instructions reinforce these guardrails, detailing a 5-layer system and requiring user approval for dangerous actions. The `guardrails.py` script implements robust input sanitization and command blocking (e.g., shell metacharacters, environment variable expansion, output redirection, absolute paths, sensitive file access, and a comprehensive denylist of dangerous commands like `curl`, `wget`, `sudo`, `eval`, `exec`, `rm -rf`, `ssh`, `nc`, `crontab`, `chmod`, `chown`). While `subprocess.run(shell=True)` is used, it is heavily mitigated by these extensive checks, indicating an intent to prevent, rather than enable, malicious execution. There is no evidence of intentional harmful behavior, data exfiltration to external endpoints, persistence mechanisms, or obfuscation.
Capability Assessment
Purpose & Capability
The skill claims to discover, analyze, and fix GitHub issues and the provided scripts implement fetching, analysis, sandboxed command execution, guardrail checks, audit logging, and PR creation. No unrelated credentials or network hosts are requested; the pieces (recommend, fetch, analyze, sandbox, create_pr, guardrails, audit) align with the stated purpose.
Instruction Scope
SKILL.md confines actions to repository discovery, cloning, code edits, testing, and PR creation and enforces user approval for destructive actions. Runtime instructions reference only the provided scripts and standard developer tools; the agent will read/write repository files, call the GitHub API (via scripts), and run git/gh/ tests as documented. The guardrails explicitly forbid editing secrets, protected branches, and certain paths.
Install Mechanism
No install spec is provided (instruction-only plus included scripts), so nothing is downloaded or installed by the registry. The code runs with system binaries (git, gh, python, npm, pytest, etc.) that must already be present — consistent with the skill's purpose.
Credentials
The skill declares no required environment variables or credentials. It relies on the local environment's git/gh authentication if pushing/creating PRs (create_pr.py checks gh auth). That is proportionate to a tool that pushes code and creates PRs — no unrelated secrets are requested. Be aware that audit logs and state files will be written to disk and may include contextual data (filenames, diffs).
Persistence & Privilege
always:false (normal) and model invocation is enabled (normal). The skill persists state and audit logs under the skill/repo directory (writes .guardrails-state.json and audit/ session files). This is expected for an audit/logging feature but means local disk will be written to; review retention settings and where logs are stored before use.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install github-issue-resolver
  3. After installation, invoke the skill by name or use /github-issue-resolver
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the GitHub Issue Resolver agent. - Automates the GitHub issue resolution workflow: discover, analyze, plan, fix, test, and submit PRs. - Implements a 5-layer guardrail system to prevent scope creep, unauthorized access, and dangerous operations. - Strictly enforces one-issue-at-a-time, approval gates for all critical actions, comprehensive logging, and never touches protected branches or sensitive files. - Includes utility scripts for safe execution, auditing, and guardrail checks, with detailed workflow documentation.
Metadata
Slug github-issue-resolver
Version 1.0.0
License
All-time Installs 25
Active Installs 25
Total Versions 1
Frequently Asked Questions

What is GitHub Issue Resolver?

Autonomous GitHub Issue Resolver Agent with guardrails. Use when the user wants to discover, analyze, and fix open issues in GitHub repositories. Triggers on... It is an AI Agent Skill for Claude Code / OpenClaw, with 1611 downloads so far.

How do I install GitHub Issue Resolver?

Run "/install github-issue-resolver" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is GitHub Issue Resolver free?

Yes, GitHub Issue Resolver is completely free (open-source). You can download, install and use it at no cost.

Which platforms does GitHub Issue Resolver support?

GitHub Issue Resolver is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created GitHub Issue Resolver?

It is built and maintained by Ashwinhegde19 (@ashwinhegde19); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments