← Back to Skills Marketplace
81
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install pipelinelint
Description
CI/CD pipeline anti-pattern analyzer -- detects hardcoded secrets, missing cache configs, skipped tests, unsafe deployments, no approval gates, and environme...
Usage Guidance
This skill appears to do what it claims: local regex-based scans and optional git-hook integration. Before installing, review and accept that: (1) installing lefthook via Homebrew is required to enable repo hooks; (2) running the hooks installer will create or append a lefthook.yml in your repository and register pre-commit/pre-push hooks that run the scanner on commits/pushes (this changes repo config and can add scan latency); (3) the license check reads a license key from the PIPELINELINT_LICENSE_KEY env var or ~/.openclaw/openclaw.json — ensure you are comfortable storing your key there. If you do not want repo hooks, you can use the one-shot scan commands instead. As always, review the included shell scripts (analyzer.sh, dispatcher.sh, patterns.sh, license.sh) yourself before enabling hooks to confirm they match your security policies.
Capability Analysis
Type: OpenClaw Skill
Name: pipelinelint
Version: 1.0.0
PipelineLint is a legitimate CI/CD pipeline analyzer designed to detect security anti-patterns and configuration issues locally. The skill uses regex-based scanning (analyzer.sh, patterns.sh) and provides a tiered licensing system validated offline via JWT (license.sh). It includes standard developer features like git hook integration via lefthook and multi-format reporting (text, JSON, HTML). No evidence of data exfiltration, malicious execution, or unauthorized network activity was found; the code logic is entirely consistent with its stated purpose.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description (CI/CD anti-pattern analyzer) matches the code and metadata. Required binaries (git, bash) and the primary credential (PIPELINELINT_LICENSE_KEY) are appropriate for a local scanner that integrates with git and supports licensed tiers. The brew install of lefthook is coherent with the advertised git-hook integration.
Instruction Scope
Runtime instructions and scripts focus on local file discovery, regex pattern matching, scoring, and report generation. The SKILL.md and lefthook config instruct installing pre-commit and pre-push hooks that source the skill's scripts from a skill directory (defaults to $HOME/.openclaw/skills/pipelinelint). This is expected behaviour for a hooks-integrated linter, but note that installing hooks modifies repository configuration and will run scans on commits/pushes.
Install Mechanism
Install spec uses a Homebrew formula (lefthook) — a standard package manager + known tool — and included scripts are plain shell files bundled with the skill. No downloads from untrusted URLs or archives are present in the provided manifest.
Credentials
Only the license key (PIPELINELINT_LICENSE_KEY) is declared as required. The license module also optionally reads ~/.openclaw/openclaw.json to find a stored key (a reasonable convenience). The scripts do not request unrelated secrets or multiple external credentials.
Persistence & Privilege
always:false and user-invocable:true — no forced global presence. The skill can install lefthook repo hooks and will write/append lefthook.yml in a repository, which is appropriate for a git-hook linter but is a persistent change to a repo until removed. The skill does not modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install pipelinelint - After installation, invoke the skill by name or use
/pipelinelint - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of PipelineLint: CI/CD pipeline anti-pattern analyzer.
- Detects 90 CI/CD pipeline anti-patterns across 6 categories: secrets, caching, testing, dependencies, deployment safety, and environment configuration.
- Tiered feature access: Free (30 patterns: SE, CF), Pro (60 patterns), Team/Enterprise (90 patterns).
- Provides detailed grading, per-finding remediation, and plaintext/JSON/HTML reporting.
- 100% local analysis—no telemetry or network calls; offline license validation.
- Integrates with git hooks (via lefthook) for automated pre-commit checks.
Metadata
Frequently Asked Questions
What is pipelinelint?
CI/CD pipeline anti-pattern analyzer -- detects hardcoded secrets, missing cache configs, skipped tests, unsafe deployments, no approval gates, and environme... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.
How do I install pipelinelint?
Run "/install pipelinelint" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is pipelinelint free?
Yes, pipelinelint is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does pipelinelint support?
pipelinelint is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux, win32).
Who created pipelinelint?
It is built and maintained by suhteevah (@suhteevah); the current version is v1.0.0.
More Skills