← 返回 Skills 市场
800
总下载
0
收藏
0
当前安装
4
版本数
在 OpenClaw 中安装
/install gitignore-sync
功能描述
gitignore-sync combines gitignore.io templates with your repo context to produce a cleaner `.gitignore` with fewer overlooked cases. It generates `.gitignore...
使用说明 (SKILL.md)
Gitignore Sync
Generate high-confidence .gitignore rules from real repo signals and gitignore.io, then update safely via a managed block so manual rules stay untouched.
Execution Rule
Use scripts/update_gitignore.py as the only execution path.
Do not fetch from the API directly in ad-hoc commands.
Do not manually compose or rewrite .gitignore when this skill is selected.
Workflow
- Infer requested templates from the user prompt.
- Detect likely templates from repository files and folders.
- Run
scripts/update_gitignore.pywith--prompt-textand/or--services. - Let the script fetch combined template rules from
https://www.toptal.com/developers/gitignore/api/\x3Ctemplates>. - Let the script write or update a managed block in
.gitignore. - Preserve non-managed user sections in
.gitignore.
Run
From the target repository root, run:
python3 \x3Cskill-path>/scripts/update_gitignore.py \
--prompt-text "create .gitignore for flutter firebase vscode" \
--repo .
Use explicit templates when the user names exact services:
python3 \x3Cskill-path>/scripts/update_gitignore.py \
--services flutter,firebase,visualstudiocode \
--repo .
Notes
- Prefer passing both
--prompt-textand--serviceswhen available. - Keep manual custom rules outside the managed block markers.
- Re-run safely; the script replaces only the managed block.
- Use
--rules-filefor offline/local testing when network access is blocked.
安全使用建议
This skill appears to do only what it says: detect repository tooling, fetch gitignore templates from the gitignore.io endpoint (https://www.toptal.com/developers/gitignore/api) and update a managed block in .gitignore. Before running: (1) review the templates the tool will apply (use --dry-run) so you know what ignore rules will be inserted, (2) run it from the correct repository root (or pass --repo), and (3) if you have network restrictions or want to avoid remote fetches, use --rules-file for offline input. The script does not require credentials or access other system resources. If you need higher assurance, inspect the bundled scripts/update_gitignore.py yourself and prefer dry-run first.
功能分析
Type: OpenClaw Skill
Name: gitignore-sync
Version: 0.1.3
The skill bundle is designed to generate or update `.gitignore` files, which is a benign purpose. However, the `scripts/update_gitignore.py` script includes arguments like `--api-base` and `--rules-file` that introduce vulnerabilities. If an attacker can control these arguments (e.g., via prompt injection against the agent or direct command line manipulation), they could direct the script to fetch ignore rules from an arbitrary malicious URL or inject content from an arbitrary local file into the `.gitignore`. The `--repo` argument also allows writing the `.gitignore` file to an arbitrary directory. While these are not indicative of intentional malice, they represent significant risks due to potential for arbitrary content injection or file manipulation if the agent's input is not sufficiently sanitized.
能力评估
Purpose & Capability
Name/description match the provided code and instructions. The script detects repo files, maps tokens to known templates, fetches canonical rules from the gitignore.io endpoint, and writes a managed block — all expected for a gitignore-sync tool.
Instruction Scope
SKILL.md restricts execution to scripts/update_gitignore.py and the script's behavior is limited to inspecting the target repo (file/folder presence), optionally fetching rules from the gitignore.io API, and writing/updating a managed block in .gitignore. It does not read unrelated system files or attempt to exfiltrate secrets.
Install Mechanism
No install spec; this is instruction-only plus a bundled Python script. There are no downloads or archive extraction during install. The script uses Python stdlib networking (urllib) to fetch templates at runtime.
Credentials
No environment variables, credentials, or config paths are requested. Network access to the gitignore.io (toptal) API is used to fetch templates, which is proportionate to the stated purpose.
Persistence & Privilege
Skill does not request always:true, does not modify other skills or global agent config, and only writes the repository's .gitignore managed block (expected scope).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install gitignore-sync - 安装完成后,直接呼叫该 Skill 的名称或使用
/gitignore-sync触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.3
Update description exactly per request.
v0.1.2
Refine short description by combining preferred lines (3+8) for clearer developer-facing positioning.
v0.1.1
Improve metadata: emphasize repo-context + gitignore.io reliability when LLM-only generation misses context.
v0.1.0
Initial release
元数据
常见问题
Gitignore Sync 是什么?
gitignore-sync combines gitignore.io templates with your repo context to produce a cleaner `.gitignore` with fewer overlooked cases. It generates `.gitignore... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 800 次。
如何安装 Gitignore Sync?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install gitignore-sync」即可一键安装,无需额外配置。
Gitignore Sync 是免费的吗?
是的,Gitignore Sync 完全免费(开源免费),可自由下载、安装和使用。
Gitignore Sync 支持哪些平台?
Gitignore Sync 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Gitignore Sync?
由 Nikita(@nikita-holban)开发并维护,当前版本 v0.1.3。
推荐 Skills