← 返回 Skills 市场
dsg12te-del

Gstack Openclaw Skills

作者 dsg12te-del · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
223
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install gstack-openclaw-skills
功能描述
gstack 的 WorkBuddy/OpenClaw 适配版本。源自 gstack (Y Combinator Garry Tan),专为 WorkBuddy/OpenClaw 等 AI 助手平台优化。包含 15 个专业工具,涵盖从产品构思到代码发布的完整开发流程。
使用说明 (SKILL.md)

\r \r

gstack-openclaw-skills - gstack 的 WorkBuddy 适配版\r

\r

源自 gstack (Y Combinator CEO Garry Tan),适配 WorkBuddy/OpenClaw\r \r

简介\r

\r gstack-openclaw-skills 是 gstack 的开源 WorkBuddy/OpenClaw 适配版本。gstack 是 Y Combinator 总裁兼 CEO Garry Tan 开源的 Claude Code 设置,包含 15 个专业工具。\r \r Garry Tan 声称在 60 天内使用 gstack 编写了超过 60 万行生产代码(35% 是测试),每天可完成 1-2 万行可用代码。\r \r

核心哲学\r

\r

完整性原则 (Boil the Lake)\r

\r

"不要做半桶水,要做就做一整桶"\r \r AI 辅助编程应该追求完整实现,而非走捷径。识别问题后必须实际修复,完成一项任务意味着真正完成。\r \r

智能借鉴\r

\r 在借鉴其他产品的功能时,始终思考:\r

  1. 该功能在原始产品中为何有效?\r
  2. 该功能在自己的产品中可能成功还是失败?\r
  3. 需要哪些适配才能使其在自己的产品中成功?\r \r

技能目录\r

\r

产品构思阶段\r

\r | 技能 | 描述 |\r |------|------|\r | office-hours | YC 办公时间,验证产品创意 |\r | plan-ceo-review | CEO 视角评审计划 |\r | plan-eng-review | 工程经理视角评审架构 |\r | plan-design-review | 设计师视角评审设计 |\r \r

开发阶段\r

\r | 技能 | 描述 |\r |------|------|\r | review | 高级工程师代码审查 |\r | investigate | 调试调查专家 |\r | design-consultation | 设计咨询 |\r \r

测试发布阶段\r

\r | 技能 | 描述 |\r |------|------|\r | qa | QA 负责人测试并修复 bug |\r | qa-only | QA 报告员(纯报告) |\r | ship | 发布工程师自动化发布 |\r \r

文档与回顾\r

\r | 技能 | 描述 |\r |------|------|\r | document-release | 技术作家更新文档 |\r | retro | 工程经理团队回顾 |\r \r

强力工具\r

\r | 技能 | 描述 |\r |------|------|\r | codex | OpenAI Codex 独立审查 |\r | careful | 危险操作警告 |\r | freeze | 文件编辑锁定 |\r | guard | 完全安全模式 |\r \r

推荐工作流\r

\r

1. /office-hours       → 向 AI 描述你想构建的产品\r
2. /plan-ceo-review  → CEO 视角评审功能想法\r
3. /plan-eng-review  → 工程经理锁定技术架构\r
4. /plan-design-review → 设计师评审设计\r
5. /review           → 高级工程师审查代码\r
6. /qa               → QA 测试暂环境\r
7. /ship             → 发布代码\r
```\r
\r
## 使用方法\r
\r
在 WorkBuddy 中,你可以通过以下方式使用这些技能:\r
\r
1. **直接调用**:告诉 WorkBuddy 你想使用的技能,如"使用 office-hours 技能"\r
2. **场景触发**:描述你的需求,WorkBuddy 会自动推荐合适的技能\r
3. **组合使用**:多个技能配合使用,形成完整工作流\r
\r
## 与 gstack 的区别\r
\r
| 特性 | gstack (原版) | gstack-openclaw-skills |\r
|------|--------------|----------------------|\r
| 平台 | Claude Code | 通用 AI 助手 |\r
| 命令格式 | Slash 命令 | 技能调用 |\r
| 依赖 | Bun、Git、浏览器 | 无特殊依赖 |\r
| 本地脚本 | 包含 | 已转换为纯 prompt |\r
\r
## 许可证\r
\r
MIT License - 详见 [LICENSE](LICENSE) 文件。\r
\r
## 致谢\r
\r
- 感谢 [Garry Tan](https://github.com/garrytan) 创建 gstack\r
- 本项目仅供学习交流使用\r
\r
---\r
\r
**版本**: 1.0.0  \r
**更新日期**: 2025-03-19\r
安全使用建议
This skill appears coherent for a developer workflow toolkit, but exercise caution before installing. Specifically: - Inspect install.sh and the two Python scripts (command_router.py, state_manager.py) yourself before running anything; look for network calls, curl/wget, obfuscated commands, or calls to external endpoints. - Because the docs describe cloning a GitHub repo and writing into ~/.openclaw/skills/, run the install script in a sandbox or VM first—not on a production workstation. - Note the skill's examples show reading logs, editing files, running tests, restarting services, and pushing commits: these use your local credentials (git, cloud, system). Only allow the skill to run if you accept that it may use those existing credentials implicitly. - If you want to proceed, review the remote repository (https://github.com/AICreator-Wind/gstack-openclaw-skills.git) and confirm maintainers/trust, or manually copy vetted files rather than running an automated installer. - If you lack the ability to audit the scripts, avoid conversational one-click install; prefer manual installation after code review. If you want, I can summarize the install.sh and the two Python scripts (command_router.py, state_manager.py) for suspicious patterns—provide their contents or allow me to fetch them and I’ll review line-by-line.
功能分析
Type: OpenClaw Skill Name: gstack-openclaw-skills Version: 1.0.0 The skill bundle provides a comprehensive development workflow suite that requires the AI agent to perform high-risk actions, including executing shell commands, modifying source code, and performing git operations (e.g., in `ship/SKILL.md`, `qa/SKILL.md`, and `review/SKILL.md`). While these capabilities are clearly aligned with the stated purpose of automating software development tasks, the broad access to the shell and filesystem constitutes a significant attack surface. The `install.sh` script modifies the user's home directory to install the skills, and Python utilities (`command_router.py`, `state_manager.py`) manage routing and local state. No evidence of intentional malice, such as data exfiltration or backdoors, was found.
能力评估
Purpose & Capability
The name, description and many SKILL.md files describe developer workflows (code review, QA, ship, office-hours) and the included helper scripts (command_router.py, state_manager.py) are consistent with that purpose. However the package claims 'no special dependencies' and 'instruction-only' in registry metadata, yet contains an install.sh and executable helper scripts — suggesting more than pure prompt-level behavior. That's plausible for a workflow skill but is a modest inconsistency to surface.
Instruction Scope
The runtime docs and conversation examples instruct the agent to perform broad actions: read logs (auth.log), access working directories, run tests, modify files, run install scripts, restart services, push commits and create PRs, and deploy to production. Those operations require filesystem, network and credential access and go well beyond read-only assistance. The SKILL.md does not declare or limit these accesses, which is scope creep and increases potential for unintended access or exfiltration.
Install Mechanism
Registry has no formal install spec, yet the repo includes an install.sh and the FINAL_SUMMARY documents a one-click install that clones https://github.com/AICreator-Wind/gstack-openclaw-skills.git and copies files into ~/.openclaw/skills/. An included install script that clones and writes files is higher-risk than a purely instruction-only skill: it will write to disk and may run arbitrary shell commands. The clone target is a third-party GitHub repo (not obviously the registry owner); without inspecting install.sh contents, this is potentially unsafe.
Credentials
requires.env lists no credentials, yet the documentation shows actions that normally require credentials (git push, PR creation, deploy, restarting services). The skill appears to rely on whatever credentials exist in the user's environment (local git config, SSH keys, cloud CLI creds). Not declaring or limiting this implicit use of existing credentials is a mismatch and raises the risk that the skill will perform privileged actions using the user's credentials without explicit consent.
Persistence & Privilege
always is false and the skill is user-invocable (normal). The package claims a one-click conversational install which implies the agent will write files into the user's skills directory and possibly persist state via the included state_manager — those are expected for an installed skill. This level of persistence is reasonable for a workflow skill, but combined with the concerns above (install script + broad runtime actions) increases the blast radius if the install or scripts are malicious.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install gstack-openclaw-skills
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /gstack-openclaw-skills 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of gstack-openclaw-skills, adapted from gstack for WorkBuddy/OpenClaw compatibility. - Includes 15 specialized tools covering product ideation to code release. - Optimized workflows for AI assistant platforms, with no special dependencies required. - All original gstack scripts converted to prompt-based "skills". - Provides clear documentation, usage guidance, and feature comparison with the original gstack.
元数据
Slug gstack-openclaw-skills
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Gstack Openclaw Skills 是什么?

gstack 的 WorkBuddy/OpenClaw 适配版本。源自 gstack (Y Combinator Garry Tan),专为 WorkBuddy/OpenClaw 等 AI 助手平台优化。包含 15 个专业工具,涵盖从产品构思到代码发布的完整开发流程。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 223 次。

如何安装 Gstack Openclaw Skills?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install gstack-openclaw-skills」即可一键安装,无需额外配置。

Gstack Openclaw Skills 是免费的吗?

是的,Gstack Openclaw Skills 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Gstack Openclaw Skills 支持哪些平台?

Gstack Openclaw Skills 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Gstack Openclaw Skills?

由 dsg12te-del(@dsg12te-del)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论