Netlify Deploy

Name: Netlify Deploy
Author: ivangdavila

功能描述

Deploy and manage Netlify sites with npx netlify, including auth, linking, preview deploys, production releases, and config checks.

使用说明 (SKILL.md)

Setup

On first use, read setup.md for integration and environment checks.

When to Use

User needs to deploy, host, publish, or relink a web project on Netlify from the terminal. Use this skill for first deploys, preview deploys, production pushes, monorepo paths, and netlify.toml fixes.

Architecture

Memory lives in ~/netlify-deploy/. Use this local memory only for operational defaults so future deploy requests can start with the right safety assumptions.

~/netlify-deploy/
`- memory.md    # Preferred deploy mode, default project path, and common build settings

See memory-template.md for setup.

Quick Reference

Load only the file needed for the current task to keep command decisions fast and avoid irrelevant context.

Topic	File
Setup and integration flow	`setup.md`
Memory template	`memory-template.md`
CLI command map	`cli-commands.md`
Deployment scenarios	`deployment-patterns.md`
Configuration examples	`netlify-toml.md`

Core Rules

1. Verify Auth and Site Link Before Any Deploy

npx netlify status

If not authenticated, run npx netlify login and re-check status. If authenticated but not linked, resolve linking before deploy.

2. Use Link-First, Init-Second

git remote get-url origin
npx netlify link --git-remote-url \x3Cremote-url>

If the repository is not linked or no matching site exists, fall back to npx netlify init.

3. Default to Preview Deploys Unless User Asks for Production

npx netlify deploy

Use npx netlify deploy --prod only when the user explicitly requests production or confirms readiness. Never force production deploys as a shortcut when validation is still pending.

4. Confirm Build and Publish Paths Before First Production Deploy

npm run build
npx netlify deploy --dir=dist

Use framework defaults only as a starting point. Validate the actual output folder in the current project.

5. Make Monorepo Context Explicit

For monorepos, deploy from the correct subdirectory or set build.base in netlify.toml before linking/deploying.

6. Report Actionable Results

After each deploy, return deploy URL, environment (preview or production), and one concrete next step.

Common Traps

These traps are prioritized by how often they cause failed or risky deploys in terminal-first workflows.

Trap	Consequence	Fix
Running deploy before login check	Command fails with auth errors	Always run `npx netlify status` first
Running `--prod` by default	Unreviewed changes go live	Start with preview deploy unless user confirms production
Wrong publish directory	Site deploys blank or outdated build	Run local build and verify output folder
Linking from wrong monorepo folder	Deploys wrong app	Confirm current path and base directory before link/deploy
Treating `netlify.toml` as optional on complex projects	Inconsistent builds between environments	Commit a minimal, explicit `netlify.toml`

External Endpoints

Only Netlify service endpoints and Netlify documentation endpoints are expected in normal usage of this skill.

Endpoint	Data Sent	Purpose
https://api.netlify.com	Deploy metadata, site/project identifiers, build outputs via CLI	Authentication, linking, and deployments
https://app.netlify.com	Browser session data when login opens OAuth flow	Interactive authentication and dashboard access
https://docs.netlify.com	Documentation requests only	Reference for command and config behavior

No other data is sent externally.

Security & Privacy

Data that leaves your machine:

Project deploy artifacts and metadata are sent to Netlify when running deploy commands.
Auth/session data is exchanged with Netlify during npx netlify login.

Data that stays local:

Local source files and build scripts remain in your project unless you deploy.
Skill preferences stay in ~/netlify-deploy/memory.md.

This skill does NOT:

Store secrets inside skill files.
Run undeclared external services beyond Netlify endpoints.
Modify unrelated repositories or directories.

Trust

By using this skill, deployment data is sent to Netlify services. Only install if you trust Netlify with your project artifacts and deployment metadata.

Related Skills

Install with clawhub install \x3Cslug> if user confirms:

ci-cd - delivery pipeline design and release automation practices
git - branch hygiene and release-safe commit workflow
deploy - generic deployment planning across environments
devops - infrastructure and operational guardrails

Feedback

If useful: clawhub star netlify-deploy
Stay updated: clawhub sync

安全使用建议

This skill appears to be what it says: a Netlify CLI helper. Before installing: (1) confirm you trust Netlify for deploy artifacts and any env vars you upload; avoid using `env:import` on a .env that contains secrets you don't want on Netlify; (2) review or sanitize ~/netlify-deploy/memory.md so it doesn't accidentally store sensitive data; (3) ensure `npx` will run the official Netlify CLI (installed from the npm registry) and avoid running unfamiliar install commands returned by the skill; (4) always require explicit confirmation before production (`--prod`) deploys as the skill recommends.

功能分析

Type: OpenClaw Skill Name: netlify-deploy Version: 1.0.0 The OpenClaw AgentSkills skill bundle for Netlify deployment is classified as benign. All files (SKILL.md, cli-commands.md, deployment-patterns.md, memory-template.md, netlify-toml.md, setup.md) consistently focus on safe and standard Netlify CLI operations. SKILL.md explicitly outlines security and privacy, stating what data leaves the machine (Netlify deploy artifacts, auth data to Netlify) and what stays local, and explicitly denies storing secrets, running undeclared external services, or modifying unrelated directories. The instructions for the AI agent in SKILL.md and setup.md prioritize preview deploys, require explicit user confirmation for production, and guide the agent to verify paths and authentication, indicating a strong emphasis on safety and preventing accidental or malicious actions. While cli-commands.md lists Netlify CLI commands including `npx netlify env:import .env`, this is a standard Netlify feature for managing site environment variables, and the skill provides no instructions for the agent to misuse it for local data exfiltration or other malicious purposes. No evidence of prompt injection for malicious intent, data exfiltration to unauthorized endpoints, persistence mechanisms, or obfuscation was found.

能力评估

✓ Purpose & Capability

Name/description (Netlify deploy) matches declared requirements: npx and git are needed to invoke the Netlify CLI and inspect the repo; a local config path (~/netlify-deploy/) is used for skill memory. No unrelated binaries or cloud credentials are requested.

ℹ Instruction Scope

SKILL.md instructs only Netlify CLI and git commands appropriate to linking, preview/production deploys, builds, and local checks. Two items to be aware of: (1) the docs show use of `npx netlify env:import .env` / `env:set` which will upload environment variables from a .env file to Netlify (so secrets in a local .env would be transmitted to Netlify); and (2) the skill persists preferences in ~/netlify-deploy/memory.md — users should avoid placing secrets there. Otherwise the instruction scope stays within deployment tasks.

✓ Install Mechanism

Instruction-only skill with no install spec and no downloaded code; lowest-risk install posture. It relies on presence of npx (to run the official Netlify CLI) and git.

✓ Credentials

No environment variables or external credentials are required by the skill metadata. The runtime flow does require the user to authenticate with Netlify (interactive `npx netlify login`), which is appropriate for a deploy tool. The only configured path is a local memory directory, which is proportionate to the stated behavior.

✓ Persistence & Privilege

always:false and user-invocable; the skill stores its own memory under ~/netlify-deploy/ (expected). It does not request elevated system-wide privileges or modify other skills' config. Autonomous invocation remains allowed (platform default) but is not combined with unusual privileges.

版本历史

v1.0.0

Initial release with authentication checks, link-or-create flow, and safer preview-to-production deployment guidance.

元数据

Slug netlify-deploy

版本 1.0.0

许可证 —

累计安装 6

当前安装数 6

历史版本数 1

常见问题

Netlify Deploy 是什么？

Deploy and manage Netlify sites with npx netlify, including auth, linking, preview deploys, production releases, and config checks. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 539 次。

如何安装 Netlify Deploy？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install netlify-deploy」即可一键安装，无需额外配置。

Netlify Deploy 是免费的吗？

是的，Netlify Deploy 完全免费（开源免费），可自由下载、安装和使用。

Netlify Deploy 支持哪些平台？

Netlify Deploy 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（linux, darwin, win32）。

谁开发了 Netlify Deploy？

由 Iván（@ivangdavila）开发并维护，当前版本 v1.0.0。