← 返回 Skills 市场
284
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install new-tag
功能描述
Prepare and publish a git release tag by inspecting the repo's release convention, bumping affected package versions, validating release builds, committing t...
安全使用建议
This skill is coherent in purpose (preparing and pushing a release tag) but has two practical gaps you should be aware of before installing: (1) the SKILL.md assumes tools that the metadata does not declare (git, pnpm or another package manager, rg), so confirm your agent environment actually has those binaries; (2) the agent will run repository build/release scripts and perform git push/tag operations using whatever credentials the runtime provides — these actions can execute arbitrary code from the repo and modify remote state. If you plan to use it, require explicit confirmation before any push/tag, test in a dry-run branch, ensure CI publishes are correctly configured (and that no npm tokens are exposed to the agent), and limit the agent's git credentials to a least-privilege account. If you need certainty about which binaries or credentials are required, ask the skill author to update the metadata to list required binaries and any environment variables or tokens it may use.
功能分析
Type: OpenClaw Skill
Name: new-tag
Version: 0.1.1
The skill bundle is designed to automate the standard software release process, including version bumping, build validation, and git tagging. The instructions in SKILL.md and the command patterns provided are consistent with legitimate development workflows using git and pnpm, with no evidence of data exfiltration, malicious execution, or prompt injection.
能力评估
Purpose & Capability
Name/description and the SKILL.md align: the skill is clearly a git-release/tag helper. However the metadata lists no required binaries or env vars while the instructions explicitly assume tools like git, pnpm (or another package manager), ripgrep (rg), and standard Unix utilities (head, etc.). This omission is a mismatch between declared requirements and what the skill actually needs to run.
Instruction Scope
The instructions tell the agent to inspect the repo, update manifests, run build and release scripts (pnpm build / pnpm run), commit, and push branches and annotated tags. Running repository build/release scripts means arbitrary code checked into the repo will execute on the host — a normal part of releases but a significant runtime risk if you don't trust the repository or agent actions. The workflow does not attempt to read unrelated system files or external secrets, which is good.
Install Mechanism
There is no install spec and no code files beyond SKILL.md and a small agent manifest. Instruction-only skills write nothing to disk by themselves — low install risk.
Credentials
No environment variables or credentials are declared, but the skill expects to push to git remotes and may interact with publishing workflows (GitHub Actions / npm). Git push will use whatever credentials are configured for the agent runtime (SSH key, credential helper). If you expect the skill to publish to npm directly, an npm token or other credential would be required — the SKILL.md mentions npm publishing only as an outcome of tag-triggered workflows, not as an action requiring declared credentials. The lack of declared credentials is a documentation gap you should confirm.
Persistence & Privilege
The skill does not request permanent/always-on presence (always: false). The default autonomous invocation setting is allowed; that means an agent could perform pushes/tags if allowed by the platform and user prompts — be aware pushing tags is a remote-modifying action.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install new-tag - 安装完成后,直接呼叫该 Skill 的名称或使用
/new-tag触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
- Initial release with version 0.1.1.
- Added agents/openai.yaml configuration file.
v0.1.0
Initial release of the new-tag skill:
- Prepares and publishes a git release tag based on repository conventions and release workflows.
- Inspects workflows, package manifests, and recent tags to guide version bumping and tagging.
- Updates package versions, commits release prep, pushes the release branch, and creates an annotated tag.
- Validates required builds before tagging; ensures only intended files are included.
- Reports bumped packages, validation commands run, commit SHA, pushed tag, and any residual release risks.
元数据
常见问题
New Tag 是什么?
Prepare and publish a git release tag by inspecting the repo's release convention, bumping affected package versions, validating release builds, committing t... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 284 次。
如何安装 New Tag?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install new-tag」即可一键安装,无需额外配置。
New Tag 是免费的吗?
是的,New Tag 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
New Tag 支持哪些平台?
New Tag 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 New Tag?
由 femto(@femto)开发并维护,当前版本 v0.1.1。
推荐 Skills