← 返回 Skills 市场
300
总下载
0
收藏
1
当前安装
2
版本数
在 OpenClaw 中安装
/install dev-factory-repo
功能描述
Automates software development by discovering ideas from GitHub, CVEs, and news, generating code with ChatDev 2.0 agents, testing, self-correcting, and publi...
使用说明 (SKILL.md)
Builder Agent
개요
보안 도구와 DevOps 유틸리티를 자동으로 생성하는 개발 에이전트입니다. ChatDev 2.0의 7개 에이전트가 협업하여 요구사항 분석부터 배포까지 전 과정을 자동화합니다.
자가 수정 루프: 에러 발생 시 자동으로 수정 후 재시도 (최대 3회)
워크플로우
아이디어 발굴 (GitHub Trending, CVE, Security News)
↓
Notion 큐 등록 (아이디어 데이터베이스)
↓
ChatDev 2.0 개발 (7개 에이전트 협업)
├─ CEO: 요구사항 분석
├─ CPO: 제품 기획
├─ CTO: 아키텍처 설계
├─ Programmer: 코드 생성
├─ Reviewer: 코드 리뷰
├─ Tester: 테스트 생성
└─ CTO Final: 최종 검증
↓
자동 테스트 실행
↓
에러 발생? → 수정 → 재시도 (최대 3회)
↓
GitHub 저장소 생성 및 배포
주요 기능
1. 아이디어 발굴 (Discovery)
- GitHub Trending: 인기 프로젝트 분석
- CVE 데이터베이스: 최신 취약점 기반 도구
- Security News: 보안 뉴스 기반 유틸리티
- Notion 큐: 아이디어 자동 등록
2. ChatDev 2.0 개발 (Development)
7개 에이전트 협업:
| 에이전트 | 역할 | 담당 업무 |
|---|---|---|
| CEO | 최고경영자 | 요구사항 분석, 방향성 결정 |
| CPO | 최고제품책임자 | 제품 기획, 기능 정의 |
| CTO | 최고기술책임자 | 아키텍처 설계, 기술 스택 결정 |
| Programmer | 개발자 | 코드 생성, 구현 |
| Reviewer | 리뷰어 | 코드 리뷰, 품질 검증 |
| Tester | 테스터 | 테스트 코드 작성, 실행 |
| CTO Final | 최종검토자 | 최종 검증, 배포 승인 |
3. 자가 수정 루프 (Self-Correction)
테스트 실행
↓
에러 발견
↓
에러 분석 → 수정 방안 도출
↓
코드 수정
↓
재테스트
↓
성공? → 배포 / 실패? → 재시도 (최대 3회)
4. GitHub 자동 배포 (Publishing)
- 저장소 생성: 자동으로 GitHub 저장소 생성
- 코드 업로드: 완성된 코드 자동 푸시
- README 생성: 자동 문서화
- 릴리즈 생성: v1.0.0 자동 릴리즈
설치 방법
1. 저장소 클론
git clone --recursive https://github.com/rebugui/OpenClaw.git
cd OpenClaw/submodules/builder-agent
2. ChatDev 2.0 설정
cd ../chatdev-v2
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
3. 의존성 설치
cd ../builder-agent
pip install -r requirements.txt
4. 환경 변수 설정
cp .env.example .env
.env 파일 수정:
# GLM API (Zhipu AI)
GLM_API_KEY=your_glm_api_key
GLM_BASE_URL=https://api.z.ai/api/coding/paas/v4
# GitHub
GITHUB_TOKEN=your_github_token
GITHUB_USERNAME=your_username
# Notion
NOTION_API_KEY=your_notion_api_key
NOTION_DATABASE_ID=your_database_id
# ChatDev
CHATDEV_URL=http://localhost:6400
5. ChatDev 서버 시작
cd ../chatdev-v2
python server_main.py --port 6400
# API: http://localhost:6400
사용법
수동 실행
1. 아이디어 발굴
python main.py discovery
2. 개발 실행
# Notion 큐에서 아이디어 가져와서 개발
python main.py develop
# 특정 프로젝트 개발
python main.py develop --project "cve-scanner"
3. 큐 모니터링
python queue_monitor.py
스케줄러 등록
OpenClaw 스케줄러에 등록하여 자동 실행:
# config.yaml
jobs:
# 아이디어 발굴 (매일 08:00, 20:00)
- id: "builder_discovery"
name: "Builder Discovery - 매일 오전 8시/오후 8시 아이디어 발굴"
enabled: true
module: "submodules.builder-agent.main"
class: "BuilderAgentV3"
method: "run_discovery"
trigger:
type: "cron"
day_of_week: "mon-sun"
hour: "8,20"
minute: 0
# 개발 큐 처리 (6시간마다)
- id: "builder_queue_processor"
name: "Builder Queue Processor - 6시간마다 개발/개선 큐 처리"
enabled: true
module: "submodules.builder-agent.main"
class: "BuilderAgentV3"
method: "run_development_from_notion"
trigger:
type: "interval"
hours: 6
# 큐 모니터링 (6시간마다)
- id: "builder_queue_monitor"
name: "Builder Queue Monitor - 6시간마다 큐 상태 체크 및 알림"
enabled: true
module: "modules.builder.queue_monitor"
function: "main"
trigger:
type: "interval"
hours: 6
설정 파일
config.yaml
discovery:
sources:
- github_trending
- cve_database
- security_news
max_ideas: 5
keywords:
- vulnerability
- scanner
- automation
development:
max_retries: 3
test_timeout: 300
output_dir: "./projects"
chatdev:
url: "http://localhost:6400"
model: "glm-5"
timeout: 1800
github:
auto_publish: true
private: false
license: "MIT"
파일 구조
builder-agent/
├── main.py # 메인 실행 파일
├── config.yaml # 설정 파일
├── .env.example # 환경 변수 예시
├── requirements.txt # 의존성
│
├── discoverer/ # 아이디어 발굴
│ ├── github_trending.py
│ ├── cve_analyzer.py
│ └── news_monitor.py
│
├── orchestrator/ # 개발 오케스트레이션
│ ├── chatdev_client.py
│ ├── test_runner.py
│ └── github_publisher.py
│
├── improvement/ # 개선 시스템
│ └── improvement_pipeline.py
│
├── models/ # 데이터 모델
│ └── project.py
│
└── logs/ # 로그
└── builder.log
Notion 데이터베이스 설정
아이디어 데이터베이스
Title(제목)Status(선택: Idea, Developing, Testing, Completed, Failed)Priority(선택: High, Medium, Low)Source(선택: GitHub, CVE, News)Created(생성일)Repository(URL)
예시 프로젝트
생성된 프로젝트들
- secure_app - 보안 설정 자동화 도구
- cve-scanner-v2 - CVE 취약점 스캐너
- file-integrity-monitor - 파일 무결성 모니터링
프로젝트 구조
cve-scanner-v2/
├── README.md
├── requirements.txt
├── setup.py
├── src/
│ ├── __init__.py
│ ├── main.py
│ └── utils.py
└── tests/
├── __init__.py
└── test_main.py
성공/실패 기록
성공한 프로젝트 (2026-02-22 ~ 2026-02-23)
- secure_app ✅ (2026-02-22 18:08)
- cve-scanner-v2 ✅ (2026-02-23 12:17)
- cve-scanner-v6 ✅ (2026-02-23 13:41)
- cve-scanner-v7 ✅ (2026-02-23 13:46)
- cve-scanner-v8 ✅ (2026-02-23 14:10)
실패한 프로젝트
- file-integrity-monitor ❌ - 테스트 실패
- cve-scanner-v3 ❌ - 테스트 실패
- cve-scanner-v5 ❌ - 테스트 실패
공통 문제: 테스트 코드가 구현 로직과 일치하지 않음 → 프롬프트 개선 필요
문제 해결
ChatDev 연결 실패
# ChatDev 서버 상태 확인
curl http://localhost:6400/health
# 서버 재시작
cd ../chatdev-v2
python server_main.py --port 6400
테스트 실패
# 로그 확인
tail -f logs/builder.log
# 수동 테스트 실행
cd projects/cve-scanner-v2
pytest tests/
GitHub 배포 실패
# Git 권한 확인
ssh -T [email protected]
# 토큰 권한 확인
curl -H "Authorization: token {GITHUB_TOKEN}" https://api.github.com/user
의존성
- Python 3.11+
- ChatDev 2.0
- GLM-5 API
- GitHub Personal Access Token
- Notion API
라이선스
MIT License
참고
- 저장소: https://github.com/rebugui/builder-agent
- ChatDev 2.0: https://github.com/OpenBMB/ChatDev
- 메인 저장소: https://github.com/rebugui/OpenClaw
安全使用建议
This skill is functionally coherent for building and publishing code, but treat it as high‑impact software rather than a harmless plugin. Before installing: (1) Verify and run the code in an isolated environment (VM or container) — do not run as root or on a machine with sensitive data. (2) Inspect call sites for subprocess.run, sessions_spawn/openclaw, and the fixer that writes files; search for network endpoints and any hard-coded URLs. (3) Provide least-privilege credentials: create a dedicated GitHub bot account/token with only repo creation/push scope you trust (or start with read-only and test), and limit Notion/GLM tokens similarly. (4) Disable automatic cron/OpenClaw scheduling until you’ve tested manual runs. (5) If you lack time to audit the code, do not supply production credentials — consider using mocked/stubbed tokens and running discovery/testing in offline/sandbox mode. If you decide to proceed, monitor network traffic and logs during first runs and rotate any tokens you used for testing if anything looks unexpected.
功能分析
Type: OpenClaw Skill
Name: dev-factory-repo
Version: 1.1.1
The bundle implements an autonomous 'Dev Factory' that automates software discovery, development, testing, and GitHub publishing. It exhibits high-risk capabilities, including extensive use of subprocess.run to execute shell commands, the GitHub CLI (gh), and the Claude Code CLI with explicit 'Bash' tool access enabled in orchestrator.py. The system also sends local source code to the Zhipu AI (GLM) API (open.bigmodel.cn) for automated error correction in fixer.py. While these behaviors are consistent with the stated purpose of an autonomous agent, the combination of shell execution privileges for LLM-generated code and persistence via launchd agents creates a significant security risk and potential for Remote Code Execution (RCE).
能力评估
Purpose & Capability
The skill's code and SKILL.md implement discovery, multi-agent code generation, self-correction, testing and GitHub publishing — which matches the declared purpose. However the registry metadata declares no required environment variables or binaries while the README/SKILL.md and numerous code files clearly require GLM API keys, GITHUB_TOKEN, NOTION_API_KEY, a local ChatDev service, and external CLIs (agent-browser, brave-search, 'openclaw' CLI). The missing metadata is an incoherence that hides the need for sensitive credentials and external tools.
Instruction Scope
Runtime instructions ask the user to clone a GitHub repo, run local ChatDev server, copy .env.example and populate secrets, start cron/OpenClaw jobs, and run scripts that will create repos and push code. The SKILL.md and included code reference subprocess usage and sessions_spawn (spawning other agents). The instructions therefore authorize executing arbitrary commands, running other agent processes, modifying files on disk, and pushing to remote services — all beyond a simple 'helper' and requiring explicit trust and confinement.
Install Mechanism
There is no formal install spec (instruction-only), so nothing will be auto-downloaded by the platform. That reduces supply-chain risk, but the package expects external binaries (agent-browser, brave-search, ChatDev server, OpenClaw CLI) and suggests cloning from GitHub. Because installation and runtime will rely on unpacking and running code locally and invoking third-party CLIs, the user must manually install and audit those components — the skill does not declare or enforce them.
Credentials
The skill requires multiple sensitive credentials (GLM_API_KEY or equivalents, GITHUB_TOKEN, NOTION_API_KEY) and a GitHub username; these are reasonable for publishing and using hosted LLMs/Notion. But the registry metadata lists no required env vars or primary credential — a mismatch. The skill also asks for tokens that permit repository creation and pushes; those scopes should be minimised. The SKILL.md references multiple API keys (several GLM keys in docs), increasing the number of secrets you must trust to the code.
Persistence & Privilege
always is false, so the skill won't be forced into all agent runs, but it can be invoked autonomously when allowed. The code includes functionality to modify code on disk (auto-fixer), create cron jobs / schedule jobs in OpenClaw, and publish to GitHub — actions with moderate-to-high persistence and impact. Autonomous invocation combined with spawning other agents (sessions_spawn) increases blast radius if misused, so run-time confinement and least-privilege tokens are recommended.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install dev-factory-repo - 安装完成后,直接呼叫该 Skill 的名称或使用
/dev-factory-repo触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.1
**Large refactor and cleanup for improved maintainability.**
- Removed numerous unused files, including tests, enhancement reports, and Symphony system components.
- Added a new README.md for user reference.
- Simplified and updated SKILL.md: removed version field, trimmed outdated sections, and focused documentation.
- Streamlined the file structure and removed older enhancement/test-related dependencies.
- Updated core builder/discovery, correction, and integration scripts for consistency with the leaner architecture.
v1.0.0
Initial release of dev-factory-repo.
- Introduces an automated software development agent using ChatDev 2.0 (7-agent collaboration) and GLM-5.
- Discovers project ideas from GitHub Trending, CVE databases, and security news; manages ideas via Notion.
- Automates code generation, testing (with self-correction loop—up to 3 retries), and publishing to GitHub.
- Provides scheduler configuration for regular operation and supports manual execution.
- Includes detailed setup, configuration, troubleshooting steps, and example project structure.
元数据
常见问题
Dev Factory Repo 是什么?
Automates software development by discovering ideas from GitHub, CVEs, and news, generating code with ChatDev 2.0 agents, testing, self-correcting, and publi... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 300 次。
如何安装 Dev Factory Repo?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install dev-factory-repo」即可一键安装,无需额外配置。
Dev Factory Repo 是免费的吗?
是的,Dev Factory Repo 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Dev Factory Repo 支持哪些平台?
Dev Factory Repo 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Dev Factory Repo?
由 rebugui(@rebugui)开发并维护,当前版本 v1.1.1。
推荐 Skills