← Back to Skills Marketplace
johba37

Disinto Factory

by johba37 · GitHub ↗ · v0.2.1 · MIT-0
cross-platform ⚠ suspicious
93
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install disinto-factory
Description
Set up and operate a disinto autonomous code factory. Use when bootstrapping a new factory instance, checking on agents and CI, managing the backlog, or trou...
README (SKILL.md)

Disinto Factory

You are helping the user set up and operate a disinto autonomous code factory — a system of bash scripts and Claude CLI that automates the full development lifecycle: picking up issues, implementing via Claude, creating PRs, running CI, reviewing, merging, and mirroring.

First-time setup

Walk the user through these steps interactively. Ask questions where marked with [ASK].

1. Environment

[ASK] Where will the factory run? Options:

  • LXD container (recommended for isolation) — need Debian 12, Docker, nesting enabled
  • Bare VM or server — need Debian/Ubuntu with Docker
  • Existing container — check prerequisites

Verify prerequisites:

docker --version && git --version && jq --version && curl --version && tmux -V && python3 --version && claude --version

Any missing tool — help the user install it before continuing.

2. Clone and init

git clone https://codeberg.org/johba/disinto.git && cd disinto

[ASK] What repo should the factory develop? Options:

  • Itself (self-development): bin/disinto init https://codeberg.org/johba/disinto --yes --repo-root $(pwd)
  • Another project: bin/disinto init \x3Crepo-url> --yes

Run the init and watch for:

  • All bot users created (dev-bot, review-bot, etc.)
  • WOODPECKER_TOKEN generated and saved
  • Stack containers all started

3. Post-init verification

Run this checklist — fix any failures before proceeding:

# Stack healthy?
docker ps --format "table {{.Names}}	{{.Status}}"
# Expected: forgejo, woodpecker (healthy), woodpecker-agent (healthy), agents, edge, staging

# Token generated?
grep WOODPECKER_TOKEN .env | grep -v "^$" && echo "OK" || echo "MISSING — see references/troubleshooting.md"

# Agent cron active?
docker exec -u agent disinto-agents-1 crontab -l -u agent

# Agent can reach Forgejo?
docker exec disinto-agents-1 bash -c "source /home/agent/disinto/.env && curl -sf http://forgejo:3000/api/v1/version | jq .version"

# Agent repo cloned?
docker exec -u agent disinto-agents-1 ls /home/agent/repos/

If the agent repo is missing, clone it:

docker exec disinto-agents-1 chown -R agent:agent /home/agent/repos
docker exec -u agent disinto-agents-1 bash -c "source /home/agent/disinto/.env && git clone http://dev-bot:\${FORGE_TOKEN}@forgejo:3000/\x3Corg>/\x3Crepo>.git /home/agent/repos/\x3Cname>"

4. Mirrors (optional)

[ASK] Should the factory mirror to external forges? If yes, which?

  • GitHub: need repo URL and SSH key added to GitHub account
  • Codeberg: need repo URL and SSH key added to Codeberg account

Show the user their public key:

cat ~/.ssh/id_ed25519.pub

Test SSH access:

ssh -T [email protected] 2>&1; ssh -T [email protected] 2>&1

If SSH host keys are missing: ssh-keyscan github.com codeberg.org >> ~/.ssh/known_hosts 2>/dev/null

Edit projects/\x3Cname>.toml to add mirrors:

[mirrors]
github   = "[email protected]:Org/repo.git"
codeberg = "[email protected]:user/repo.git"

Test with a manual push:

source .env && source lib/env.sh && export PROJECT_TOML=projects/\x3Cname>.toml && source lib/load-project.sh && source lib/mirrors.sh && mirror_push

5. Seed the backlog

[ASK] What should the factory work on first? Brainstorm with the user.

Help them create issues on the local Forgejo. Each issue needs:

  • A clear title prefixed with fix:, feat:, or chore:
  • A body describing what to change, which files, and any constraints
  • The backlog label (so the dev-agent picks it up)
source .env
BACKLOG_ID=$(curl -sf "http://localhost:3000/api/v1/repos/\x3Corg>/\x3Crepo>/labels" \
  -H "Authorization: token $FORGE_TOKEN" | jq -r '.[] | select(.name=="backlog") | .id')

curl -sf -X POST "http://localhost:3000/api/v1/repos/\x3Corg>/\x3Crepo>/issues" \
  -H "Authorization: token $FORGE_TOKEN" \
  -H "Content-Type: application/json" \
  -d "{\"title\": \"\x3Ctitle>\", \"body\": \"\x3Cbody>\", \"labels\": [$BACKLOG_ID]}"

For issues with dependencies, add Depends-on: #N in the body — the dev-agent checks these before starting.

Use labels:

  • backlog — ready for the dev-agent
  • blocked — parked, not for the factory
  • No label — tracked but not for autonomous work

6. Watch it work

The dev-agent polls every 5 minutes. Trigger manually to see it immediately:

docker exec -u agent disinto-agents-1 bash -c "cd /home/agent/disinto && bash dev/dev-poll.sh projects/\x3Cname>.toml"

Then monitor:

# Watch the agent work
docker exec disinto-agents-1 tail -f /home/agent/data/logs/dev/dev-agent.log

# Check for Claude running
docker exec disinto-agents-1 bash -c "for f in /proc/[0-9]*/cmdline; do cmd=\$(tr '\0' ' ' \x3C \$f 2>/dev/null); echo \$cmd | grep -q 'claude.*-p' && echo 'Claude is running'; done"

Ongoing operations

Check factory status

source .env

# Issues
curl -sf "http://localhost:3000/api/v1/repos/\x3Corg>/\x3Crepo>/issues?state=open" \
  -H "Authorization: token $FORGE_TOKEN" \
  | jq -r '.[] | "#\(.number) [\(.labels | map(.name) | join(","))] \(.title)"'

# PRs
curl -sf "http://localhost:3000/api/v1/repos/\x3Corg>/\x3Crepo>/pulls?state=open" \
  -H "Authorization: token $FORGE_TOKEN" \
  | jq -r '.[] | "PR #\(.number) [\(.head.ref)] \(.title)"'

# Agent logs
docker exec disinto-agents-1 tail -20 /home/agent/data/logs/dev/dev-agent.log

Check CI

source .env
WP_CSRF=$(curl -sf -b "user_sess=$WOODPECKER_TOKEN" http://localhost:8000/web-config.js \
  | sed -n 's/.*WOODPECKER_CSRF = "\([^"]*\)".*/\1/p')
curl -sf -b "user_sess=$WOODPECKER_TOKEN" -H "X-CSRF-Token: $WP_CSRF" \
  "http://localhost:8000/api/repos/1/pipelines?page=1&per_page=5" \
  | jq '.[] | {number, status, event}'

Unstick a blocked issue

When a dev-agent run fails (CI timeout, implementation error), the issue gets labeled blocked:

  1. Close stale PR and delete the branch
  2. docker exec disinto-agents-1 rm -f /tmp/dev-agent-*.json /tmp/dev-agent-*.lock
  3. Relabel the issue to backlog
  4. Update agent repo: docker exec -u agent disinto-agents-1 bash -c "cd /home/agent/repos/\x3Cname> && git fetch origin && git reset --hard origin/main"

Access Forgejo UI

If running in an LXD container with reverse tunnel:

# From your machine:
ssh -L 3000:localhost:13000 user@jump-host
# Open http://localhost:3000

Reset admin password if needed:

docker exec disinto-forgejo-1 su -c "forgejo admin user change-password --username disinto-admin --password \x3Cnew-pw> --must-change-password=false" git

Important context

  • Read AGENTS.md for per-agent architecture and file-level docs
  • Read VISION.md for project philosophy
  • The factory uses a single internal Forgejo as its forge, regardless of where mirrors go
  • Dev-agent uses claude -p --resume for session continuity across CI/review cycles
  • Mirror pushes happen automatically after every merge (fire-and-forget)
  • Cron schedule: dev-poll every 5min, review-poll every 5min, gardener 4x/day
Usage Guidance
This skill appears to be a legitimate factory operator, but it does not declare the sensitive environment variables and tokens it needs. Before installing or running it: (1) inspect the disinto repo/init scripts (bin/disinto) and any code that writes/reads .env to verify what tokens are created/stored; (2) do not run the init on a host with unrelated secrets — run it in an isolated VM or LXD container as recommended; (3) review the contents of your .env and only provide least-privilege tokens (create tokens scoped to the specific repo and CI actions); (4) avoid uploading or pasting private SSH keys — only add the public key to remotes; (5) if you need a stronger assurance, ask the publisher for an explicit requires.env list and a signed release or review the full upstream repository on Codeberg/GitHub before trusting the scripts. If the maintainer provides an explicit list of required env vars and a clear explanation of what the init writes to .env, my confidence would increase toward benign.
Capability Analysis
Type: OpenClaw Skill Name: disinto-factory Version: 0.2.1 The disinto-factory skill bundle automates the setup of a complex autonomous development environment involving Docker, Forgejo, and Woodpecker CI. It requires high-risk permissions, including executing commands inside containers via 'docker exec', managing SSH keys for git mirrors (GitHub/Codeberg), and handling sensitive API tokens (WOODPECKER_TOKEN, FORGE_TOKEN) as seen in SKILL.md and scripts/factory-status.sh. While these capabilities are plausibly necessary for the stated purpose of a 'code factory,' the broad system access and reliance on external scripts from Codeberg (johba/disinto) represent a significant attack surface without clear evidence of intentional malice.
Capability Assessment
Purpose & Capability
The described purpose (operating an autonomous code factory) legitimately requires access to the local Docker stack, Forgejo/Woodpecker APIs, and repository mirrors, which the SKILL.md instructs. However, the skill metadata lists no required environment variables or credentials even though the runtime instructions and the included script expect secrets like FORGE_TOKEN, WOODPECKER_TOKEN, FORGE_URL, and a populated .env. That mismatch is a meaningful incoherence.
Instruction Scope
Runtime instructions tell the operator (and the agent, if invoked) to source .env, run docker exec into containers, call internal APIs with tokens, clone remote repos, show SSH public keys, and test SSH access to external forges. Those actions are plausibly within the skill's stated scope, but they involve sensitive tokens and host-level operations and the SKILL.md gives broad interactive discretion (e.g., cloning repos, initializing bots, generating and saving tokens) without enumerating required secrets or explicitly warning the user.
Install Mechanism
This is instruction-only (no install spec) with one small helper script; nothing is downloaded from arbitrary URLs and no archive extraction is used. That reduces install-time risk.
Credentials
The skill uses multiple sensitive environment values (FORGE_TOKEN, WOODPECKER_TOKEN, possibly FORGE_URL, PROJECT_REPO_ROOT, SSH keys, etc.) but requires.env and primary credential fields are empty. Requiring and sourcing an undisclosed .env containing CI and repository tokens is disproportionate to what the package metadata declares and hides the credential surface from reviewers.
Persistence & Privilege
The skill is not always: true and uses normal autonomous-invocation defaults; it does instruct running an init that generates and 'saves' tokens into .env (normal for this class of tool), but it does not request or claim elevated platform privileges or to modify other skills. Still, the combination of host-level Docker access and credential generation/storage raises operational risk and should be confined to isolated hosts/containers.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install disinto-factory
  3. After installation, invoke the skill by name or use /disinto-factory
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.2.1
Add repository and homepage links
v0.2.0
Containerized factory
Metadata
Slug disinto-factory
Version 0.2.1
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 2
Frequently Asked Questions

What is Disinto Factory?

Set up and operate a disinto autonomous code factory. Use when bootstrapping a new factory instance, checking on agents and CI, managing the backlog, or trou... It is an AI Agent Skill for Claude Code / OpenClaw, with 93 downloads so far.

How do I install Disinto Factory?

Run "/install disinto-factory" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Disinto Factory free?

Yes, Disinto Factory is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Disinto Factory support?

Disinto Factory is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Disinto Factory?

It is built and maintained by johba37 (@johba37); the current version is v0.2.1.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments