← 返回 Skills 市场
michailbul

Repo Kanban PM

作者 Michailbul · GitHub ↗ · v0.1.1
cross-platform ⚠ suspicious
460
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install repo-kanban-pm
功能描述
Install and enforce a lightweight product-management workflow inside a code repo: feature-as-kanban boards, ROADMAP status tracking, branch/PR conventions, a...
安全使用建议
This skill appears to do what it promises (create ROADMAP/KANBAN templates and patch AGENTS.md). Before using it: 1) Inspect the two scripts in the repo and test them in a safe environment (a disposable clone or container). 2) If you enable the optional cron, be aware it schedules an autonomous agent run that may call `gh` and run `npx` in the repo — these actions can fetch code or network resources and will include the repo path in the cron announcement. Only enable the cron if you trust the OpenClaw environment/agent (`persey`) and the `openclaw` CLI behavior. 3) If you cannot trust autonomous agents or need stricter control, run init_repo_pm.sh manually and do not add the cron, or remove/adjust the cron message so it doesn't instruct potentially unsafe commands. 4) Consider adding the created documentation via a PR so maintainers can review changes to AGENTS.md and docs before merging.
功能分析
Type: OpenClaw Skill Name: repo-kanban-pm Version: 0.1.1 The skill is classified as suspicious due to the `scripts/add_daily_pm_cron.sh` script, which creates an OpenClaw cron job. This cron job instructs the AI agent to execute external commands like `gh pr list` and `npx tsc --noEmit` as part of its daily PM review process. While these commands are presented as 'lightweight checks' and align with the stated purpose, instructing an AI agent to execute arbitrary external shell commands represents a significant risky capability, even without clear evidence of malicious intent like data exfiltration or backdoors. The `SKILL.md` and other scripts primarily set up documentation and workflow rules, which are benign.
能力评估
Purpose & Capability
The skill's files and instructions align with the stated goal: it creates docs/pm, per-feature KANBAN files, bug intake, and patches AGENTS.md. There are no unrelated credentials or obviously extraneous capabilities in the bundle.
Instruction Scope
SKILL.md and the scripts stay within repo setup/PM enforcement. However, the optional cron payload text instructs the scheduled agent to run checks like `gh pr list` and `npx tsc --noEmit` (the latter can fetch/execute code via npm). While these commands are reasonable for a PM audit, they introduce the possibility of network activity and code execution when the cron-triggered agent runs. The scripts themselves do not immediately execute those commands, but they configure a scheduled autonomous job that will be asked to perform them.
Install Mechanism
This is an instruction-only skill with small helper scripts; nothing is downloaded or extracted and no install spec is present. Risk from install mechanism is low.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. One minor inconsistency: the add_daily_pm_cron.sh script invokes the `openclaw` CLI, but the skill metadata does not declare any required binary; if `openclaw` isn't present the cron-add step will fail. No secrets are requested or needed by the scripts.
Persistence & Privilege
The skill does not force permanent inclusion (always:false). However, the optional add_daily_pm_cron.sh creates an autonomous scheduled agent job (via `openclaw cron add --announce`) that will run daily and perform repo reads and lightweight checks. That scheduled job can execute commands (e.g., gh, npx) and broadcasts the repo path in the cron description/announcement — consider this persistence/autonomy when enabling the cron.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install repo-kanban-pm
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /repo-kanban-pm 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.1
Add bugs inbox (docs/pm/bugs) and daily PM cron bug triage enforcement. Clarify when-to-use triggers.
v0.1.0
Initial release: repo ROADMAP + per-feature KANBAN workflow, bugs inbox (docs/pm/bugs), init script, and daily PM cron helper.
元数据
Slug repo-kanban-pm
版本 0.1.1
许可证
累计安装 1
当前安装数 0
历史版本数 2
常见问题

Repo Kanban PM 是什么?

Install and enforce a lightweight product-management workflow inside a code repo: feature-as-kanban boards, ROADMAP status tracking, branch/PR conventions, a... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 460 次。

如何安装 Repo Kanban PM?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install repo-kanban-pm」即可一键安装,无需额外配置。

Repo Kanban PM 是免费的吗?

是的,Repo Kanban PM 完全免费(开源免费),可自由下载、安装和使用。

Repo Kanban PM 支持哪些平台?

Repo Kanban PM 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Repo Kanban PM?

由 Michailbul(@michailbul)开发并维护,当前版本 v0.1.1。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 留言讨论