← Back to Skills Marketplace
gdperkins

Reporead

by Gddp · GitHub ↗ · v1.2.0 · MIT-0
cross-platform ✓ Security Clean
390
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install reporead
Description
Analyze GitHub repositories using RepoRead AI. Use when the user asks to "analyze a repo", "generate docs", "security audit a repo", "create a README", or wa...
Usage Guidance
This skill appears to do what it says: it calls https://api.reporead.com and needs a RepoRead API key. Before installing, consider: 1) storing the API key in your shell profile or MCP config will persist it on disk in plaintext — only do this if you trust the host and want persistent access; 2) importing repositories sends repo content to a third-party service — avoid importing private/confidential repos unless you trust RepoRead and understand their data handling; 3) the included helper scripts attempt to sanitize inputs but input checks are simple and may reject some valid inputs or be imperfect — avoid passing untrusted, specially crafted IDs/URLs; 4) rotate the key if you suspect it was exposed and review RepoRead's privacy/security docs. If you need stronger guarantees, inspect the scripts yourself and prefer setting REPOREAD_API_KEY in a secure secrets store rather than embedding it in config files.
Capability Analysis
Type: OpenClaw Skill Name: reporead Version: 1.2.0 The 'reporead' skill is a legitimate integration for the RepoRead AI service, designed to analyze GitHub repositories. The shell scripts (scripts/reporead-api.sh and scripts/check-connection.sh) use curl to interact with the official API endpoint (api.reporead.com) and include proactive security measures such as input sanitization and path validation to prevent command injection.
Capability Assessment
Purpose & Capability
Name/description (RepoRead repo analysis) match the declared requirements: REPOREAD_API_KEY and curl. The scripts and REST endpoints target api.reporead.com and implement the advertised import/analysis/token endpoints; requested resources are proportionate to the stated purpose.
Instruction Scope
SKILL.md instructs the agent to set REPOREAD_API_KEY, optionally add it to MCP config files, import repos, start analyses, poll status, and fetch results. The runtime scripts only call the RepoRead API and do not access unrelated system files. Note: the docs recommend placing the API key in shell profiles and MCP JSON configs (plain text), which may store the secret on disk and should be considered a privacy/operational concern.
Install Mechanism
No install spec; this is instruction-only with small helper scripts included. No downloads from third-party URLs and no archives extracted. Risk from the install mechanism is low.
Credentials
Only REPOREAD_API_KEY is required and identified as primaryEnv — proportional to the functionality. However, the SKILL.md encourages storing the key in shell profiles and MCP config JSON (plaintext); users should be aware that doing so persists the secret on disk and may expose it to other processes/users.
Persistence & Privilege
always:false and the skill does not request elevated platform privileges or modification of other skills' configs. It does suggest configuring an MCP server entry with the API key, which is normal for integration but stores the key in config.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install reporead
  3. After installation, invoke the skill by name or use /reporead
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Fix shell injection vulnerability in reporead-api.sh: sanitize user inputs before JSON embedding and URL path interpolation to prevent command substitution
v1.1.0
Add Clawdis metadata for credential declaration (REPOREAD_API_KEY), add check-connection.sh and reporead-api.sh helper scripts for REST API fallback, improve setup flow with env var step
v1.0.0
Initial release. MCP server setup, REST API fallback, 5 analysis types, decision framework, 3 workflow patterns.
Metadata
Slug reporead
Version 1.2.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is Reporead?

Analyze GitHub repositories using RepoRead AI. Use when the user asks to "analyze a repo", "generate docs", "security audit a repo", "create a README", or wa... It is an AI Agent Skill for Claude Code / OpenClaw, with 390 downloads so far.

How do I install Reporead?

Run "/install reporead" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Reporead free?

Yes, Reporead is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Reporead support?

Reporead is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Reporead?

It is built and maintained by Gddp (@gdperkins); the current version is v1.2.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments