技能详情(站内镜像,无评论)
作者:Andrew Wilkinson @ADWilkinson
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.0.1
统计:⭐ 0 · 212 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:adwilkinson/oneshot-ship
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The skill's instructions broadly match its goal (autonomous code shipping) but contain inconsistencies and several high-risk behaviors (undocumented required API keys/CLIs, remote execution, dependency installs, and plaintext config storage) that should be reviewed before installing.
目的
The SKILL.md explicitly requires Anthropic (Claude) and OpenAI (Codex) CLIs, GitHub CLI authentication, Bun, and optional SSH access, which are coherent with an autonomous shipping tool; however the registry metadata declares no required env vars, credentials, or binaries. That metadata mismatch (no declared credentials vs SKILL.md asking for ANTHROPIC_API_KEY/OPENAI_API_KEY and GitHub auth) is incoherent and should be resolved.
说明范围
The runtime instructions tell the agent to read the entire repo, create temporary worktrees, auto-detect and install dependencies (bun/pnpm/yarn/npm), run LLM-based plan/execute/review steps, and optionally run over SSH or as a detached background process. Those behaviors are expected for an autonomous ship tool, but they also allow arbitrary code execution (package install scripts, build steps) and will transmit repository contents and CLAUDE…
安装机制
There is no formal install spec in the registry, but the SKILL.md tells users to run 'bun install -g oneshot-ship' (unknown source). Relying on a global bun package published externally without a verified release/source in the registry is risky. The skill also depends on third-party CLIs (Claude Code CLI, Codex CLI, GitHub CLI) whose install sources and required versions/permissions are not detailed.
证书
The skill needs LLM API keys (ANTHROPIC_API_KEY, OPENAI_API_KEY), a GitHub-authenticated CLI, and optionally a Linear API key per SKILL.md and example config — all reasonable for this functionality — but the registry lists no required env vars. The skill instructs storing keys in ~/.oneshot/config.json in plaintext by example, which is a security/privacy concern. The documentation does not specify required GitHub token scopes or how secrets ar…
持久
The skill does not set always:true. It stores configuration in ~/.oneshot/config.json and can run detached background jobs on a remote server via SSH, which creates persistent presence on the host. Those are plausible for the purpose but increase attack surface (left-behind processes, stored plaintext credentials) and should be explicitly documented and controlled.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「oneshot CLI」。简介:Ship code autonomously with oneshot CLI -- a single command that plans, execute…。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/adwilkinson/oneshot-ship/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: oneshot-ship
description: Ship code autonomously with oneshot CLI -- a single command that plans, executes, reviews, and opens a PR. Runs over SSH or locally. Use when the user wants to ship code changes, automate PRs, or run an autonomous coding pipeline with Claude and Codex.
license: MIT
metadata:
author: ADWilkinson
version: "0.0.1"
repository: "https://github.com/ADWilkinson/oneshot-cli"
compatibility: Requires Bun, Claude Code CLI, Codex CLI, and GitHub CLI. SSH access to a server optional (can run locally with --local)
---
# oneshot CLI
Ship code with a single command. oneshot CLI runs a full autonomous pipeline: plan (Claude) -> execute (Codex) -> review (Codex) -> PR (Claude). Works over SSH to a remote server or locally with `--local`.
## When to use this skill
- User wants to ship a code change to a repository without manual coding
- User wants to automate the plan/implement/review/PR workflow
- User mentions "oneshot" or "oneshot CLI" or wants autonomous code shipping
- User wants to delegate a coding task to run on a remote server or locally
## Installation
```bash
bun install -g oneshot-ship
```
## Setup
Run `oneshot init` to configure SSH host, workspace path, API keys, and model preferences. Config is saved to `~/.oneshot/config.json`.
Repos on the server should be organized as `<org>/<repo>` under the workspace path:
```
~/projects/
my-org/my-app/
my-org/my-api/
```
### Server prerequisites
- [Bun](https://bun.sh)
- [Claude Code CLI](https://docs.anthropic.com/en/docs/claude-code)
- [Codex CLI](https://github.com/openai/codex)
- [GitHub CLI](https://cli.github.com) (authenticated)
- `ANTHROPIC_API_KEY` and `OPENAI_API_KEY` in environment
## Usage
### Basic usage
```bash
oneshot <repo> "<task>"
```
### With Linear ticket
```bash
oneshot <repo> <linear-url>
```
Fetches the ticket as context and updates its status after the PR is created.
### Local mode
```bash
oneshot <repo> "<task>" --local
```
Runs the pipeline directly on the current machine instead of SSH-ing to a server. Requires Claude Code CLI, Codex CLI, and GitHub CLI installed locally.
### Background mode
```bash
oneshot <repo> "<task>" --bg
```
Fire and forget -- runs detached on the server (SSH mode only).
### Dry run
```bash
oneshot <repo> --dry-run
```
Validates the repo exists without running the pipeline.
### Override model
```bash
oneshot <repo> "<task>" --model sonnet
```
## Pipeline steps
1. **Validate** -- checks the repo exists, fetches latest from origin
2. **Worktree** -- creates a temp git worktree from `origin/main`, auto-detects and installs deps (bun/pnpm/yarn/npm)
3. **Plan** -- Claude reads the codebase and CLAUDE.md conventions, outputs an implementation plan
4. **Execute** -- Codex implements the plan
5. **Review** -- Codex reviews its own diff for bugs, types, and security issues
6. **PR** -- Claude creates a branch, commits, pushes, and opens a PR
The worktree is cleaned up after every run.
## Configuration
`~/.oneshot/config.json`:
```json
{
"host": "user@100.x.x.x",
"basePath": "~/projects",
"anthropicApiKey": "sk-ant-...",
"linearApiKey": "lin_api_...",
"claude": { "model": "opus", "timeoutMinutes": 180 },
"codex": { "model": "gpt-5.3-codex", "reasoningEffort": "xhigh", "timeoutMinutes": 180 },
"stepTimeouts": {
"planMinutes": 20,
"executeMinutes": 60,
"reviewMinutes": 20,
"prMinutes": 20
}
}
```
Only `host` is required. Everything else has defaults.
## Flags
| Flag | Short | Description |
|------|-------|-------------|
| `--model` | `-m` | Override Claude model |
| `--dry-run` | `-d` | Validate only |
| `--local` | | Run locally instead of over SSH |
| `--bg` | | Run in background (SSH mode only) |
| `--help` | `-h` | Help |
| `--version` | `-v` | Version |
## Customization
- Drop a `CLAUDE.md` in any repo root to enforce conventions -- oneshot passes it as context to both Claude and Codex
- Edit `prompts/plan.txt`, `execute.txt`, `review.txt`, `pr.txt` to change pipeline behavior
## Tips
- Use `--bg` for long-running tasks so you can fire and forget
- Linear integration auto-moves tickets to "In Review" and adds a PR comment
- Per-step timeouts prevent runaway processes (defaults: plan 20min, execute 60min, review 20min, PR 20min)
- oneshot CLI creates isolated worktrees so your main branch is never affected