← 返回 Skills 市场
1yihui

YiHui GIT MONITOR

作者 辉哥 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
46
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install yihui-git-monitor
功能描述
通用 Git 项目监控工具。支持 GitHub、GitLab、Gitee 等所有 Git 平台。可以添加、删除、检查任意 Git 仓库的更新,自动拉取代码并生成变更摘要。
安全使用建议
Do not install yet. Ask the publisher for the actual package contents and an install spec (what clawhub fetches), and inspect the helper.js and any install scripts before granting access. Confirm which binaries (git, node) are used and whether the skill will read ~/.openclaw/openclaw.json or any other files. If you must test it, run it in a sandbox or isolated account with no Feishu or other sensitive credentials set, and prefer providing a dedicated, limited-scope Feishu bot/token rather than using global credentials. If the publisher cannot provide code or a clear install manifest, treat the skill as untrusted.
功能分析
Type: OpenClaw Skill Name: yihui-git-monitor Version: 1.0.0 The skill requests broad permissions to read sensitive environment variables and local configuration files (~/.openclaw/openclaw.json) containing Feishu/Lark credentials. While these are documented for notification purposes, the skill's core logic involves pulling remote Git repository content and executing a local script (helper.js, which is not provided in the bundle), creating a high-risk surface for credential exfiltration or indirect prompt injection from monitored repositories.
能力评估
Purpose & Capability
The skill claims to monitor Git repos and push notifications to Feishu, which legitimately would require code (a helper script), access to git, and optionally Feishu credentials. However the registry entry lists no code files, no install spec, no required binaries (git/node), and no required env/config paths. Those omissions are inconsistent with the stated capability.
Instruction Scope
SKILL.md explicitly instructs running 'node helper.js' in ~/.openclaw/workspace/skills/git-monitor and describes cascading reads of FEISHU_* environment variables and the OpenClaw main config (~/.openclaw/openclaw.json). Those runtime actions involve reading local files and credentials and executing code — but there is no code or declared file access in the package metadata. The doc also promises pushing to the 'current chat window' without clearly specifying endpoints, granting broad discretion.
Install Mechanism
There is no install spec in the registry entry (instruction-only skill). That reduces on-disk risk from this package itself, but the SKILL.md refers to 'clawhub install git-monitor' and local helper scripts that are not present in the scanned bundle. Either the installer will fetch additional code at install time (not visible here) or the documentation is misleading — both are noteworthy.
Credentials
The README instructs the skill will read FEISHU_APP_ID / FEISHU_APP_SECRET / FEISHU_CHAT_ID and fall back to ~/.openclaw/openclaw.json. Yet the skill metadata declares no required environment variables or config paths. Reading an agent's main config file and optional Feishu secrets is sensitive and should be explicitly declared; the omission is disproportionate to what was declared.
Persistence & Privilege
always:false (default) and autonomous invocation allowed (default) are fine. However the skill's described behavior (scheduled checks, automatic pushes) implies persistent/background activity. Because the skill may read your OpenClaw config and env vars, you should be cautious about enabling scheduled/always-running behavior until the code and install process are reviewed.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install yihui-git-monitor
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /yihui-git-monitor 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
Slug yihui-git-monitor
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

YiHui GIT MONITOR 是什么?

通用 Git 项目监控工具。支持 GitHub、GitLab、Gitee 等所有 Git 平台。可以添加、删除、检查任意 Git 仓库的更新,自动拉取代码并生成变更摘要。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 46 次。

如何安装 YiHui GIT MONITOR?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install yihui-git-monitor」即可一键安装,无需额外配置。

YiHui GIT MONITOR 是免费的吗?

是的,YiHui GIT MONITOR 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

YiHui GIT MONITOR 支持哪些平台?

YiHui GIT MONITOR 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 YiHui GIT MONITOR?

由 辉哥(@1yihui)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 留言讨论