← 返回 Skills 市场
448
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install github-digest
功能描述
Generate a structured GitHub repo digest with briefing summary, categorized changes (breaking/major features/minor features/bug fixes), community discussions...
使用说明 (SKILL.md)
GitHub Digest
Generate structured, link-rich GitHub repo digests with a briefing overview and categorized details.
Prerequisites
ghCLI authenticated (gh auth status)
Workflow
1. Gather Data
Run these gh commands in parallel for the target repo (default: openclaw/openclaw):
# Recent releases (last 5)
gh release list --repo OWNER/REPO --limit 5
# Latest release notes
gh release view TAG --repo OWNER/REPO --json body --jq '.body'
# Recently merged PRs (last 30)
gh pr list --repo OWNER/REPO --state merged --limit 30 \
--json number,title,author,mergedAt,labels \
--jq '.[] | "[\(.mergedAt[:10])] #\(.number) \(.title) by @\(.author.login) [\([.labels[].name] | join(","))]"'
# Hot open issues (sorted by comments)
gh issue list --repo OWNER/REPO --state open --limit 30 \
--json number,title,comments,labels \
| jq -r '[.[] | {n:.number,t:.title,c:.comments,l:[.labels[].name]}] | sort_by(.c) | reverse | .[0:15] | .[] | "[\(.c)] #\(.n) \(.t) [\(.l | join(","))]"'
Adjust --limit and time range based on user's request (today / this week / this month).
2. Output Format
Structure the digest in this exact order:
📋 Briefing(总览)
A 3-5 sentence executive summary covering:
- What version was released and when
- Core themes (2-3 keywords, e.g. "安全加固、Plugin SDK 开放、工具能力扩展")
- Most impactful change in one line
- Community pulse (what people are discussing)
- Any breaking changes warning
⚠️ Breaking Changes
List each breaking change with:
- What changed
- Migration action required
- Link to docs if available
Skip this section if none.
🏗️ 重大更新 (Major Features)
Significant new capabilities, architectural changes, new integrations. Each item:
- Bold title:one-line description (#PR)
✨ 小功能 / 改进 (Minor Features)
Group by sub-category when there are many (e.g. "Telegram", "CLI", "Plugin SDK"). Each item:
- One-line description (#PR)
🔧 Bug 修复 (Bug Fixes)
Group by area (e.g. "Channel 修复", "核心/安全", "工具/浏览器"). For channel fixes with 5+ items, use a table:
| Channel | 修复内容 | PR |
|---|---|---|
| Name | Description | #N |
For other fixes, use bullet lists grouped by area.
💬 社区热议 (Community Discussions)
Hot issues sorted by engagement. Each item:
- #N — Title:one-line summary of the discussion
3. Formatting Rules
- Every PR/issue/release MUST have a clickable markdown link
- PR:
[#123](https://github.com/OWNER/REPO/pull/123) - Issue:
[#123](https://github.com/OWNER/REPO/issues/123) - Release:
[vTAG](https://github.com/OWNER/REPO/releases/tag/vTAG)
- PR:
- Use the user's language (detect from their message; default Chinese for Chinese users)
- Bold key terms for scannability
- Omit empty sections silently
- When release notes mention a PR number like
(#12345), always convert to a clickable link - For "Thanks @user" in release notes, link to
https://github.com/user
安全使用建议
This skill appears to do what it says (produce a GitHub digest), but before using it: 1) confirm you have the gh CLI and jq installed and that the publisher updates the registry metadata to declare those requirements; 2) understand that the skill will run gh commands using whatever account is authenticated in your gh CLI (so it will use your GitHub token/permissions); 3) if you only want public data, test the gh commands manually first to see what they'll return; 4) if concerned about token scope, use a token/account with limited permissions or run on an environment where gh is configured for read-only access; and 5) ask the publisher to clarify the missing metadata (required binaries and whether private-repo access is needed). These steps will reduce risk and resolve the metadata inconsistency.
功能分析
Type: OpenClaw Skill
Name: github-digest
Version: 1.0.0
The skill executes shell commands using the `gh` CLI tool, with parameters like `OWNER/REPO` and `TAG` expected to be dynamically filled, likely from user input. This design introduces a significant shell injection vulnerability (RCE risk) if the AI agent does not rigorously sanitize these inputs before executing the commands. While the commands themselves are intended for legitimate GitHub data retrieval, the lack of explicit input sanitization instructions makes the skill exploitable, classifying it as suspicious due to this critical vulnerability.
能力评估
Purpose & Capability
The name/description (GitHub repo digest) align with the runtime instructions: the workflow uses the GitHub CLI to list releases, PRs, and issues and formats a digest. However, the SKILL.md requires the 'gh' CLI (and uses 'jq' in examples), but the registry metadata declared no required binaries — this mismatch should be resolved.
Instruction Scope
Instructions are narrowly scoped to querying GitHub data (releases, PRs, issues) and formatting results. They require an authenticated 'gh' session (explicitly listed in SKILL.md) and do not instruct the agent to read unrelated local files or send data to endpoints other than GitHub links. The default repo and parallel execution are implementation details but not scope creep.
Install Mechanism
There is no install spec (instruction-only), so nothing is downloaded or written by the skill itself. This lowers installation risk; however, runtime depends on external CLIs being present on the host.
Credentials
The SKILL.md expects an authenticated 'gh' CLI context (which uses the user's GitHub credentials/token), but the skill metadata lists no required credentials or binaries. While using the user's gh auth is appropriate for querying private or authenticated endpoints, the metadata omission is inconsistent and could lead to confusion about what credentials will be used. The examples also use 'jq' but it's not declared.
Persistence & Privilege
The skill does not request persistent privileges (always is false) and has no install hooks. It does rely on the agent executing shell commands (gh); autonomous invocation is allowed by platform default but not otherwise elevated by this skill.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install github-digest - 安装完成后,直接呼叫该 Skill 的名称或使用
/github-digest触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: structured GitHub repo digest with briefing, categorized changes, and clickable source links
元数据
常见问题
GitHub Digest 是什么?
Generate a structured GitHub repo digest with briefing summary, categorized changes (breaking/major features/minor features/bug fixes), community discussions... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 448 次。
如何安装 GitHub Digest?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install github-digest」即可一键安装,无需额外配置。
GitHub Digest 是免费的吗?
是的,GitHub Digest 完全免费(开源免费),可自由下载、安装和使用。
GitHub Digest 支持哪些平台?
GitHub Digest 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 GitHub Digest?
由 RoggeOhta(@roggeohta)开发并维护,当前版本 v1.0.0。
推荐 Skills