← 返回 Skills 市场
114
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install repo-scout
功能描述
Discover, evaluate, and rank GitHub repositories in any ecosystem or domain. Produces a structured ranking document with star counts, languages, issue health...
安全使用建议
What to consider before installing and running repo-scout:
- The SKILL.md asks you to use an authenticated GitHub CLI or provide a GH_TOKEN; the skill manifest did not declare this. Treat that as a manifest bug and exercise caution.
- Only provide a GitHub token with the minimal scopes needed (read-only repo access or fine-grained token scoped to public repositories). Do NOT supply a full org-admin or write-scoped token.
- Prefer authenticating gh locally (gh auth login) rather than pasting a token into a UI or environment that you don't control. If you must export GH_TOKEN, do so in a temporary shell and revoke the token after use.
- Review the generated {workspace}/ecosystem-top{N}.md before using downstream workflows. The skill will run gh and fetch repo files; verify outputs for sensitive info before sharing.
- Ask the skill author/registry maintainer to update the manifest to declare required binaries (gh) and required env vars (GH_TOKEN) so the platform can surface the requirement transparently.
- Because this is instruction-only (no install code), the immediate code risk is low, but the undeclared credential requirement is the main concern. If you need higher assurance, request the author to provide an explicit list of required gh scopes and to confirm the skill will not transmit the token elsewhere.
功能分析
Type: OpenClaw Skill
Name: repo-scout
Version: 1.0.0
The 'repo-scout' skill is a legitimate tool designed to discover and rank GitHub repositories based on contribution friendliness. It uses the standard GitHub CLI (`gh`) for data collection and produces a structured markdown report in the workspace, with no evidence of malicious execution, data exfiltration, or prompt injection (SKILL.md).
能力评估
Purpose & Capability
The SKILL.md explicitly requires an authenticated GitHub CLI (gh) and suggests providing a GH_TOKEN; however, the registry metadata declares no required binaries, no required environment variables, and no primary credential. That is an internal inconsistency: a GitHub token and gh binary are legitimate for the skill's purpose, but they should be declared by the manifest.
Instruction Scope
Instructions stay within the stated purpose: searching GitHub, inspecting repo files (CONTRIBUTING.md, .github/workflows), running gh issue commands, and writing a ranking markdown into the workspace. They do ask the user to provide or export a GH_TOKEN and GitHub username if CLI auth is not present. There are no instructions to read unrelated local files or exfiltrate data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, which is low-risk from an installation payload perspective.
Credentials
The runtime needs a GitHub token (GH_TOKEN) and an authenticated gh CLI to avoid rate limits and access private data, but the manifest did not declare these environment or credential requirements. Requesting a token is proportional to the functionality, but the undeclared credential is a transparency/manifest issue and increases risk if users supply a token with overly broad scopes.
Persistence & Privilege
The skill does not request 'always' presence, does not modify other skills, and only writes an output file to the workspace as described. Autonomous invocation is allowed by default but not combined with other privilege red flags here.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install repo-scout - 安装完成后,直接呼叫该 Skill 的名称或使用
/repo-scout触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial public release of repo-scout.
- Discover, evaluate, and rank GitHub repositories by ecosystem or domain.
- Produces a structured markdown report with star counts, languages, issue health, and contribution friendliness scores.
- Supports advanced scoring: considers bugs, contribution docs, CI/CD, community size, and PR responsiveness.
- Includes workflow to define search criteria, systematically collect data, rank, and filter repositories.
- Enables easy identification of top open-source projects and skipping of unsuitable candidates.
元数据
常见问题
repo-scout 是什么?
Discover, evaluate, and rank GitHub repositories in any ecosystem or domain. Produces a structured ranking document with star counts, languages, issue health... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 114 次。
如何安装 repo-scout?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install repo-scout」即可一键安装,无需额外配置。
repo-scout 是免费的吗?
是的,repo-scout 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
repo-scout 支持哪些平台?
repo-scout 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 repo-scout?
由 Bijin(@sliverp)开发并维护,当前版本 v1.0.0。
推荐 Skills