← 返回 Skills 市场
324
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install github-pr-manager
功能描述
GitHub PR 全流程管家。用于自动化管理 Pull Request 的整个生命周期:初始化跟踪、检查 CI 状态、处理 Review 意见、修复 DCO/代码问题、回复评论,直到 PR 合入 main。当用户需要持续跟进 PR 状态、处理 reviewer 反馈、自动化 GitHub 操作时触发此 skill。
使用说明 (SKILL.md)
GitHub PR 全流程管家
这个 skill 让你可以像有一个专职 PR 助理一样,自动处理从提交到合入的所有事务。
核心能力
1. PR 初始化与跟踪
当用户提交新 PR 或要求跟踪已有 PR 时:
步骤:
1. 确认仓库名和 PR 号
2. 使用 gh CLI 或浏览器获取 PR 当前状态
3. 创建 memory/pr-tracking.md 记录初始状态
4. 设置 cron 定时检查(默认每 2 小时)
5. 告知用户当前状态和阻塞项
2. CI 状态监控
自动检查并报告:
- DCO 签名状态
- GitHub Actions 检查
- 测试覆盖
- 代码质量检查
DCO 失败自动修复:
cd \x3Crepo-path>
git commit --amend --signoff --no-edit
git push --force-with-lease origin \x3Cbranch>
3. Review 意见处理
当检测到新的 review 时:
步骤:
1. 使用 gh api 获取所有 review 评论
2. 分类整理:必须修复 / 建议修改 / 讨论
3. 对每个必须修复项:
- 如果是代码问题 → 定位并修复
- 如果是流程问题 → 执行(如回复 issue、assign 等)
- 如果是问题讨论 → 准备回复
4. 提交修复并回复 reviewer
4. 评论自动回复
常见场景的自动回复模板:
| 场景 | 回复模板 |
|---|---|
| 已修复问题 | "@reviewer Fixed in commit \x3Chash>. Thanks for the review!" |
| 需要澄清 | "@reviewer Could you elaborate on ...? I want to make sure I understand correctly." |
| 已处理 issue assign | "@maintainer Done! I've replied to issue #XXX. Please assign it to me." |
| CI 已修复 | "DCO fixed and CI is now passing. Ready for another review!" |
5. 直到合入的完整跟踪
自动检测并通知:
- ✅ Review 通过
- ✅ 所有 CI 通过
- ✅ 冲突解决
- ✅ PR 合入 main
- ❌ Review 拒绝 / 需要重大修改
必要配置
GitHub CLI 设置
确保 gh CLI 已安装并登录:
# Windows
winget install --id GitHub.cli
# 登录(使用用户的 token)
echo "\x3Ctoken>" | gh auth login --with-token
Token 权限
需要以下权限的 GitHub Personal Access Token:
repo- 访问仓库代码workflow- 访问 Actionsread:org- 读取组织信息
工作流
场景 1:新 PR 提交后
用户:帮我提交这个 fix 到 vllm-omni
Agent:
1. Fork 目标仓库(如需要)
2. Clone 到 workspace
3. 创建分支、提交代码
4. Push 到用户 fork
5. 创建 PR
6. 设置跟踪任务
7. 报告 PR 链接和初始状态
场景 2:Review 来了
Agent(cron 检查):
1. 发现新 review
2. 分析 review 内容
3. 判断是否需要代码修改
4. 执行修复或准备回复
5. 提交修复并回复 reviewer
6. 通知用户处理结果
场景 3:直到合入
Agent(持续跟踪):
1. 每 2 小时检查 PR 状态
2. 状态变化时立即通知用户
3. 自动处理力所能及的问题
4. 需要人工决策时请示用户
5. PR 合入后发送庆祝消息
参考资料
- references/workflow.md - 完整工作流指南
- references/templates.md - 常用回复模板
与用户的交互原则
- 主动汇报关键节点 - Review 通过、CI 失败、PR 合入等
- 请示后再执行重大操作 - 如大幅重构代码、关闭 PR 等
- 保持记录 - 所有操作记录在 memory/pr-tracking.md
- 安全优先 - Token 不存储在消息中,使用本地配置文件
安全使用建议
This skill's runtime instructions legitimately need the GitHub CLI and a Personal Access Token (repo/workflow/read:org) and will perform persistent, powerful operations (fork/clone, amend commits, force-push, call GH API, and create cron jobs and local tracking files). However, the registry metadata does not declare these requirements — that's an inconsistency you should resolve before installing. Before using or granting credentials: 1) Ask the publisher to update the manifest to explicitly list required binaries and the primary credential. 2) Provide a least-privilege token (avoid granting more scopes than necessary) or consider using a temporary token you can revoke. 3) Confirm exactly what cron job will be created, where (crontab user and commands), and how to remove it. 4) Understand that the skill will run force-pushes and amend commits — ensure you trust it and/or use a disposable environment or fork. 5) If you cannot verify the author/source or review the instructions in context, do not provide long-lived credentials or allow persistent cron setup. If you want to proceed, require the skill to prompt for explicit confirmation before any persistent or destructive actions (force-push, creating cron), and document how to audit and revoke its access.
功能分析
Type: OpenClaw Skill
Name: github-pr-manager
Version: 1.0.0
The skill provides automated GitHub PR management, which inherently requires high-risk capabilities such as handling GitHub Personal Access Tokens (PAT) with 'repo' and 'workflow' scopes and performing automated write operations like 'git push --force-with-lease'. While these actions are aligned with the stated purpose in SKILL.md and references/workflow.md, the automated execution of shell commands for credential login (gh auth login) and repository modification poses a significant security risk. No clear evidence of intentional malice or data exfiltration was found, but the broad permissions and automated lifecycle management meet the criteria for a suspicious classification.
能力评估
Purpose & Capability
The SKILL.md clearly requires the GitHub CLI (gh) and a Personal Access Token with repo/workflow/read:org permissions to perform forks, clones, pushes, PR creation, and API calls. However, the registry metadata lists no required binaries or environment variables. That mismatch is incoherent: a PR manager legitimately needs a GitHub token and gh, but the skill's manifest does not declare them.
Instruction Scope
Runtime instructions direct the agent to fork/clone repositories, amend commits (git commit --amend --signoff), force-push (git push --force-with-lease), call the GitHub API, create a local memory/pr-tracking.md, and set cron jobs to run periodic checks. These are all powerful actions and persist state outside of a single request; the SKILL.md also instructs authenticating gh via a token. The instructions do not constrain which repos/paths will be accessed beyond the user's requested PR, nor do they mandate explicit user confirmation for recurring automated actions (cron) beyond vague guidance to 'please ask the user for major operations'.
Install Mechanism
No install spec is provided (instruction-only), so nothing is downloaded or written by an installer. That limits some risks, but the runtime instructions themselves cause side effects (cron, git operations).
Credentials
The skill's documentation requires a GitHub Personal Access Token with broad repo/workflow/read:org scopes — appropriate for the described capabilities — but the registry metadata does not declare any required credentials. The absence of declared primaryEnv or required env vars is a red flag: the skill will need a sensitive token at runtime but the manifest omits it. The token scopes requested are broad (repo + workflow) and permit code and CI changes and might be over-privileged if the user wants limited actions.
Persistence & Privilege
Although always:false, the skill instructs creating cron jobs (default every 2 hours) and writing a persistent tracking file (memory/pr-tracking.md). That gives it continued system presence and autonomous activity outside an immediate user request. The skill does not document how to list/remove the cron job or where exactly the tracking file is stored; this persistence combined with credential usage increases risk.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install github-pr-manager - 安装完成后,直接呼叫该 Skill 的名称或使用
/github-pr-manager触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Full PR lifecycle management including CI monitoring, review handling, and automated tracking until merge
元数据
常见问题
GitHub PR Manager 是什么?
GitHub PR 全流程管家。用于自动化管理 Pull Request 的整个生命周期:初始化跟踪、检查 CI 状态、处理 Review 意见、修复 DCO/代码问题、回复评论,直到 PR 合入 main。当用户需要持续跟进 PR 状态、处理 reviewer 反馈、自动化 GitHub 操作时触发此 skill。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 324 次。
如何安装 GitHub PR Manager?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install github-pr-manager」即可一键安装,无需额外配置。
GitHub PR Manager 是免费的吗?
是的,GitHub PR Manager 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
GitHub PR Manager 支持哪些平台?
GitHub PR Manager 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 GitHub PR Manager?
由 zhuangzl(@godnight)开发并维护,当前版本 v1.0.0。
推荐 Skills