← Back to Skills Marketplace
chengxiansheng1

GitLab 每日提交汇总

by chengxiansheng1 · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ⚠ suspicious
266
Downloads
0
Stars
1
Active Installs
4
Versions
Install in OpenClaw
/install gitlab-daily-report
Description
自动拉取 GitLab 多维度数据,生成智能摘要并推送到飞书。支持语义化聚类、项目动量分析及阻塞风险识别。适用于每日进度汇报、团队贡献分析及研发效能洞察。
README (SKILL.md)

GitLab Daily Report Skill\r

\r

角色定义\r

\r 你是 GitLab 项目数据分析师,擅长从原始 Git 数据中提取有价值的信息,并以清晰、结构化的方式呈现。同时你也是飞书报告助手,负责生成高质量的团队进度总结。\r \r

核心工作流程\r

\r

Step 1: 获取数据(无需用户干预)\r

python gitlab_report.py --preview\r
```\r
- 自动获取过去 24 小时的 Commits / MRs / Pipelines 数据\r
- 数据保存到 `latest_data.json`\r
- 输出原始 JSON 供 AI 分析\r
\r
### Step 2: AI 智能分析与总结(关键步骤)\r
**只有当用户明确要求"汇报"或"推送飞书"时,才执行此步骤**\r
\r
读取 `latest_data.json` 中的原始数据,按以下结构进行分析和总结:\r
\r
**分析维度:**\r
1. 过滤:剔除无意义的 Merge commit\r
2. 聚类:按功能模块分类(✨新功能/🐛Bug修复/🛠重构/📄文档/🔐安全)\r
3. 摘要:合并相似任务,用精炼的语言概括核心变动\r
4. 评估:计算活跃度 (High/Med/Low),识别关键贡献者\r
5. 识别阻塞点:24h+ 未合并的 MR,失败的 Pipeline\r
6. 风险预警:敏感文件变更、权限相关改动\r
\r
**AI 输出内容结构(用于飞书推送):**\r
```\r
📅 [项目名] 每日进度总结 (日期)\r
━━━━━━━━━━━━━━━━━━━\r
\r
🎯 核心成果 (TOP 3)\r
  • [成果1,简明有力]\r
  • [成果2,突出价值]\r
  • [成果3,影响范围]\r
\r
📊 工作量统计\r
  代码提交: X 次 | 活跃成员: Y 人 | 代码行数变化: +Z/-W\r
\r
🔥 关键亮点\r
  [突出这个项目今天最有意义的工作]\r
\r
⚠️ 需要关注\r
  [如果有阻塞或风险,简洁指出;否则显示"暂无阻塞"]\r
\r
👥 主力贡献者\r
  [列出贡献数最多的前 3 名成员]\r
```\r
\r
### Step 3: 发送飞书(需用户明确确认)\r
**步骤 2 完成后,将 AI 生成的智能总结内容推送到飞书**\r
\r
用户明确要求"推送飞书"、"发送飞书"或"汇报"时,才执行:\r
```bash\r
# 使用 AI 总结的内容发送飞书\r
python gitlab_report.py --send-ai-summary\r
```\r
\r
## 使用场景\r
\r
| 场景 | 命令 | 说明 |\r
|------|------|------|\r
| 获取今日数据 | `python gitlab_report.py --preview` | 仅获取数据,不进行 AI 分析 |\r
| 汇报(推荐工作流) | 1. 先运行 --preview 获取数据\x3Cbr>2. AI 分析生成智能总结\x3Cbr>3. 用户确认后推送飞书 | 标准的报告流程 |\r
| 快速查看 | 查看终端输出 | 数据已获取,可查看脚本格式化的报告 |\r
\r
## 工作流示意\r
\r
```\r
┌─────────────────────┐\r
│  用户请求"汇报"      │\r
└──────────┬──────────┘\r
           │\r
           ▼\r
┌─────────────────────────────────────┐\r
│ Step 1: 脚本获取数据 (--preview)     │\r
│ └─ 从 GitLab 拉取 Commits/MRs/等   │\r
│ └─ 保存到 latest_data.json          │\r
└──────────┬──────────────────────────┘\r
           │\r
           ▼\r
┌─────────────────────────────────────┐\r
│ Step 2: AI 智能分析总结              │\r
│ 读取 latest_data.json,生成:       │\r
│ • 核心成果摘要                       │\r
│ • 工作量统计                         │\r
│ • 关键亮点与风险                     │\r
│ • 主力贡献者                         │\r
└──────────┬──────────────────────────┘\r
           │\r
           ▼\r
┌─────────────────────────────────────┐\r
│ 用户确认是否推送飞书                 │\r
└──────┬──────────────────┬───────────┘\r
       │ 是               │ 否\r
       ▼                  ▼\r
  推送飞书           直接结束\r
(使用AI总结内容)\r
```\r
\r
## 输出风格\r
\r
- `--style concise`: 极简模式\r
- `--style detailed`: 详细模式(默认)\r
- `--style executive`: 管理层汇报\r
\r
## 关键规则\r
\r
**⚠️ 重要:自动化行为调整**\r
\r
1. **不要自动推送飞书**:获取数据后只显示结果,不自动推送。除非用户明确说"推送飞书"、"发送飞书"或"汇报"\r
2. **AI 分析优先**:仅当用户明确要求"汇报"时,才执行 AI 分析和飞书推送\r
3. **两步确认**:\r
   - Step 1: 获取数据并展示\r
   - Step 2: 等待用户确认是否需要 AI 分析和推送\r
\r
## 数据结构 (latest_data.json)\r
\r
```json\r
{\r
  "date": "2026-03-19",\r
  "summary": {\r
    "total_commits": 63,\r
    "active_members": 12,\r
    "repositories": ["Jianxiang907", "manbing-java"]\r
  },\r
  "projects": [\r
    {\r
      "name": "Jianxiang907",\r
      "commits": {\r
        "total": 58,\r
        "by_category": { "✨ 新功能": [...], "🐛 Bug 修复": [...] },\r
        "by_author": { "liuyun": [...], "zhy": [...] },\r
        "active_members": ["liuyun", "zhy", ...]\r
      },\r
      "merge_requests": { "total": 0, "opened": 0, "blocked": [] },\r
      "pipelines": { "total": 0, "success": 0, "failed": 0 }\r
    }\r
  ]\r
}\r
```\r
\r
## AI 分析提示词\r
\r
当用户要求汇报时,你应该:\r
\r
**第一步:数据解读**\r
- 读取脚本输出的原始 JSON 数据(latest_data.json)\r
- 识别提交类型的分布、活跃成员、关键改动\r
\r
**第二步:智能摘要**\r
- 提炼 **核心成果**(TOP 3,最有价值的工作)\r
- 生成 **工作量统计**(提交数、成员数、代码行变化)\r
- 突出 **关键亮点**(最值得强调的工作)\r
- 指出 **需要关注的问题**(如有阻塞或风险)\r
- 列出 **主力贡献者**(贡献最多的人)\r
\r
**第三步:输出格式**\r
使用本 SKILL 定义的"AI 输出内容结构"格式生成飞书消息\r
\r
**分类规则参考**:\r
- ✨ 新功能 (feat/新增/添加/支持)\r
- 🐞 Bug 修复 (fix/修复/bug/问题)\r
- 🛠 重构优化 (refactor/优化/chore)\r
- 📄 文档配置 (docs/文档/readme)\r
- 🔐 安全权限 (security/权限/auth)\r
- 🚀 部署CI (ci/cd/docker/k8s)\r
- 🧪 测试 (test/测试)\r
- 📌 其他\r
\r
**活跃度评级**:\r
- High: ≥30 commits 或 (≥15 commits + ≥5 成员)\r
- Med: ≥10 commits 或 (≥5 commits + ≥3 成员)\r
- Low: 其他\r
\r
## 配置\r
\r
- `config.json`: GitLab URL、Token、仓库列表、飞书 Webhook\r
\r
---\r
*此 Skill 适用于 gitlab-daily-report 自动化任务*\r
Usage Guidance
This skill appears to implement the advertised GitLab→Feishu reporting functionality, but exercise caution before installing: - Expect to create a config.json (not declared in registry metadata) containing a GitLab personal access token and Feishu webhook URLs. Only provide a token with the minimum needed scope (read_api) and avoid using broad/administrative tokens. - Verify the Feishu webhook URL(s) are correct and point to trusted groups. A webhook is effectively a destination that will receive your report data. - The script disables SSL certificate verification for network calls (accepts self-signed certs). This may be intended for private GitLab instances with self-signed certs, but it weakens transport security; prefer installing a trusted certificate or ask the author to remove/mitigate the global SSL bypass. - The registry metadata not listing the required config/credentials is an inconsistency — ask the publisher to update the manifest to declare the config.json and required secrets. - Review the contents of config.json and storage location (avoid committing tokens to VCS). Consider using environment-based secret management or restricted file permissions. If the publisher updates the registry metadata to declare the config file/credentials and either removes the SSL bypass or documents why it is necessary, and you confirm the Feishu webhook endpoints are trusted, the remaining risks are typical for an integration of this type.
Capability Analysis
Type: OpenClaw Skill Name: gitlab-daily-report Version: 1.0.3 The skill bundle is classified as suspicious primarily due to a security vulnerability in `scripts/gitlab_report.py`, where SSL certificate verification is explicitly disabled (`ssl.CERT_NONE`). This allows for Man-in-the-Middle (MITM) attacks, potentially exposing the sensitive GitLab Private Token and internal project data. While the script's core functionality—fetching GitLab activity and sending summaries to Feishu webhooks—is consistent with its stated purpose, the lack of transport security is a significant flaw. Additionally, there is a functional discrepancy in `SKILL.md` which references a non-existent command-line flag (`--send-ai-summary`), though this appears to be a bug rather than intentional malice.
Capability Assessment
Purpose & Capability
The skill's stated purpose (pull GitLab data and push to Feishu) is consistent with the included scripts, but the registry metadata claims no required config or credentials while the code requires a local config.json containing a GitLab token and Feishu webhook(s). That mismatch is unexplained and important.
Instruction Scope
SKILL.md workflow is narrowly scoped (preview → analyze → user-confirmed push). It instructs running the included script which writes latest_data.json and only sends to Feishu after explicit confirmation. However, SKILL.md and examples reference writing/reading local config.json and an external webhook; the README contains an additional webhook/Flask example that runs subprocesses (git pull, run script) — that example is not executed by the skill itself but increases the operational surface if followed.
Install Mechanism
No install spec; this is an instruction-plus-script skill and does not download external binaries or run an installer. Risk from install mechanism is low.
Credentials
The script requires sensitive secrets in config.json (GitLab personal access token and Feishu webhook URLs). These are proportionate to the stated function, but the registry metadata did not declare required config paths or credentials — a transparency issue. Also the code disables SSL verification (accepts self-signed certs), which weakens transport security and can increase risk of credential interception if misused.
Persistence & Privilege
Skill is not always-included and does not request elevated agent privileges. It writes a local latest_data.json and reads a local config.json (normal for such tools). It does not modify other skills or global agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install gitlab-daily-report
  3. After installation, invoke the skill by name or use /gitlab-daily-report
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.3
Version 1.0.3 - Clarified workflow rules: AI分析和飞书推送现在只有用户明确请求"汇报"、"推送飞书"等时才执行,默认只获取和展示数据。 - 增加“两步确认”机制:先提取数据,待用户确认后再分析和发送报告。 - 优化输出内容结构,强调“核心成果”、“主力贡献者”和阻塞点快速可见。 - 新增详细AI分析与摘要流程描述和范本,提升报告可操作性与一致性。 - 明确各输出风格和数据结构标准,以便团队及管理层灵活选用。
v1.0.2
- Major upgrade: Adds multi-dimensional analysis and AI-powered summary for GitLab daily reporting. - Support for semantic clustering of commits and Merge Requests by type (feature, fix, refactor, etc.). - New project momentum evaluation and risk/blockage detection logic. - Outputs are now available in concise, detailed, or executive summary styles, tailored for different audiences. - Introduces a structured, insight-driven report format and automated sending to Feishu. - Documentation updated with new workflow, output structure, and extended use cases.
v1.0.1
- 更新了“快速开始”部分,将 skill 目录示例路径由 `~/.workbuddy/skills/` 修改为 `skills/` - 其余内容未发生变更
v1.0.0
Initial release: Automates daily GitLab team commit reports and sends summaries to Feishu group bots. - Fetches daily commit records for configured GitLab repositories. - Groups and summarizes by member and repository. - Sends a formatted rich text report to specified Feishu groups. - Supports private GitLab deployments, multiple repositories and webhooks. - Filters out merge commits; deduplicates across branches. - Easy setup with config template and standard Python library (no extra dependencies).
Metadata
Slug gitlab-daily-report
Version 1.0.3
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 4
Frequently Asked Questions

What is GitLab 每日提交汇总?

自动拉取 GitLab 多维度数据,生成智能摘要并推送到飞书。支持语义化聚类、项目动量分析及阻塞风险识别。适用于每日进度汇报、团队贡献分析及研发效能洞察。 It is an AI Agent Skill for Claude Code / OpenClaw, with 266 downloads so far.

How do I install GitLab 每日提交汇总?

Run "/install gitlab-daily-report" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is GitLab 每日提交汇总 free?

Yes, GitLab 每日提交汇总 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does GitLab 每日提交汇总 support?

GitLab 每日提交汇总 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created GitLab 每日提交汇总?

It is built and maintained by chengxiansheng1 (@chengxiansheng1); the current version is v1.0.3.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments