← Back to Skills Marketplace
App Store Changelog
by
QuincyGunter
· GitHub ↗
· v1.0.0
· MIT-0
58
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install qui-app-store-changelog
Description
Create user-facing App Store release notes by collecting and summarizing all user-impacting changes since the last git tag (or a specified ref). Use when ask...
Usage Guidance
This skill appears to be what it says: it runs a small git-based script to list commits and touched files and then drafts App Store release notes. Before installing or running it, be aware that: (1) the script requires git but the metadata doesn't declare that — ensure git is available where the agent runs; (2) the script will print the repository root, commit messages, and file paths, so sensitive data in commit messages or filenames could be exposed; (3) run it only on repositories you trust or in an environment where viewing repo history is acceptable. If you want extra caution, inspect the commit output produced by scripts/collect_release_changes.sh before allowing the agent to summarize or transmit those contents, or run the script locally yourself and paste only the needed output into the agent.
Capability Analysis
Type: OpenClaw Skill
Name: qui-app-store-changelog
Version: 1.0.0
The skill is designed to generate App Store release notes from git history, but it contains a shell injection vulnerability in `scripts/collect_release_changes.sh`. The script passes the `since_ref` and `until_ref` arguments directly into a shell command without sanitization or quoting, which could allow arbitrary command execution if a malicious git tag or reference name is used. While the behavior aligns with the stated purpose and lacks evidence of intentional malice, the lack of input validation is a high-risk flaw.
Capability Assessment
Purpose & Capability
The name/description match the included assets: SKILL.md describes collecting git history and summarizing user-facing changes, and the repo includes a script that runs git to produce commits and touched files. Minor inconsistency: the skill metadata lists no required binaries, but the script requires git to run; declaring git as a required binary would be expected.
Instruction Scope
SKILL.md instructs the agent to run scripts/collect_release_changes.sh from the repo root and to triage commits/files to create release notes. The collection script prints the repo root, commit messages, and file paths — expected for this task, but it may expose sensitive file paths, commit messages, or other repository contents if present. There are no instructions to read unrelated system files or transmit data to external endpoints.
Install Mechanism
There is no install spec and the skill is instruction-only with a small bundled shell script. Nothing is downloaded or written to disk by the skill itself; risk from installation is minimal.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The script simply runs git commands in the repo — its permissions are proportional to producing a changelog.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request persistent presence or modify other skills or system configs. It does not write files or install services.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install qui-app-store-changelog - After installation, invoke the skill by name or use
/qui-app-store-changelog - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the app-store-changelog skill.
- Generates user-facing App Store release notes by summarizing all impactful changes since the last git tag.
- Automatically collects, triages, and drafts concise, benefit-focused changelogs from git history.
- Excludes internal changes and technical jargon for clear communication with end users.
- Follows structured workflow and best practices to ensure high-quality, accurate release notes.
Metadata
Frequently Asked Questions
What is App Store Changelog?
Create user-facing App Store release notes by collecting and summarizing all user-impacting changes since the last git tag (or a specified ref). Use when ask... It is an AI Agent Skill for Claude Code / OpenClaw, with 58 downloads so far.
How do I install App Store Changelog?
Run "/install qui-app-store-changelog" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is App Store Changelog free?
Yes, App Store Changelog is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does App Store Changelog support?
App Store Changelog is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created App Store Changelog?
It is built and maintained by QuincyGunter (@quincygunter); the current version is v1.0.0.
More Skills