← 返回 Skills 市场

GitHub Actions Generator

Name: GitHub Actions Generator
Author: sunshine-del-ux

作者 Sunshine-del-ux · GitHub ↗ · v1.0.0

cross-platform ⚠ suspicious

1910

总下载

当前安装

版本数

在 OpenClaw 中安装

/install github-actions-generator

功能描述

生成 GitHub Actions 工作流，支持 CI/CD、测试、部署等多种场景。

使用说明 (SKILL.md)

GitHub Actions Generator

自动生成 GitHub Actions 工作流文件。

支持的场景

✅ Node.js CI/CD
✅ Python CI/CD
✅ Go CI/CD
✅ Docker 构建推送
✅ 自动发布 Release
✅ Dependabot 自动更新
✅ 定时任务

使用方法

github-actions-generator ci --lang node
github-actions-generator deploy --target vercel
github-actions-generator docker --registry ghcr

安全使用建议

This skill appears misleading: its README lists many features and CLI flags that are not implemented in the included script. If you consider installing or running it, do the following first: - Inspect the github-actions-generator.sh content (already included) and confirm it does what you need. It currently only writes two Node-focused workflows. - Run it in a throwaway repository or branch (not your main production repo), and back up any existing .github/workflows files because the script will overwrite ci.yml or deploy.yml. - If you need Docker pushes, Releases, Dependabot, or multi-language support, request an updated implementation that actually requires and documents the necessary credentials (e.g., GH_TOKEN, registry credentials) and show how flags are parsed. - Do not run this on a sensitive repo until you verify the generated workflows and the script behavior. The package appears non-malicious but is inconsistent and incomplete.

功能分析

Type: OpenClaw Skill Name: github-actions-generator Version: 1.0.0 The skill bundle is benign. The `SKILL.md` file contains only descriptive text and usage examples, with no evidence of prompt injection attempts against the AI agent. The `github-actions-generator.sh` script creates standard GitHub Actions workflow YAML files (`ci.yml`, `deploy.yml`) in the `.github/workflows` directory. While the script has functional limitations (e.g., it doesn't fully utilize the `--lang` or `--target` arguments from the examples), it does not perform any malicious actions such as data exfiltration, unauthorized command execution, persistence, or obfuscation. Its behavior is entirely consistent with its stated purpose of generating workflow files.

能力评估

⚠ Purpose & Capability

The SKILL.md and description promise broad GitHub Actions generation (Node/Python/Go, Docker build & push, auto release, Dependabot, scheduled tasks). The included script only writes two simple workflows (ci.yml and deploy.yml), both Node-centric; it does not implement Docker, releases, Dependabot, schedules, or the CLI flags shown in the README. This is a capability mismatch and likely misleading.

⚠ Instruction Scope

Runtime instructions and usage examples show flags (e.g., --lang, --target, --registry) and multiple scenarios that the code does not support. The actual script accepts positional args ($1, $2) and ignores GNU-style flags; it only creates .github/workflows/ci.yml or deploy.yml and will overwrite those files if present. The instructions therefore overstate what the runtime will do.

✓ Install Mechanism

No install spec and only an included bash script — nothing is downloaded from external URLs. This is low-risk from an install-perspective: code is included in the skill bundle and no network install steps are present.

ℹ Credentials

The skill requests no environment variables or credentials (correct for the provided script). However, the SKILL.md claims features that typically require credentials (e.g., pushing to registries, creating Releases, Dependabot configuration) but the skill does not request or document the needed tokens — another sign of inconsistency.

✓ Persistence & Privilege

Skill is not always-on and does not request elevated platform privileges. It only writes workflow files into the repository (expected for a generator). There is no evidence it modifies other skills or system-wide agent settings.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install github-actions-generator
安装完成后，直接呼叫该 Skill 的名称或使用 /github-actions-generator 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of github-actions-generator. - Generate GitHub Actions workflow files automatically. - Supports Node.js, Python, and Go CI/CD pipelines. - Includes Docker build & push, automated release publishing, Dependabot updates, and scheduled tasks. - Simple CLI for generating workflows by scenario and deployment target.

元数据

Slug github-actions-generator

版本 1.0.0

许可证 —

累计安装 25

当前安装数 23

历史版本数 1

常见问题